Re: CVS: cvs.openbsd.org: src
On Mon, Apr 24, 2023 at 10:53:57AM -0600, Dave Voutila wrote: > CVSROOT: /cvs > Module name: src > Changes by: d...@cvs.openbsd.org2023/04/24 10:53:57 > > Modified files: > sys/arch/amd64/amd64: vmm.c > > Log message: > vmm(4): allow guests to enable and use supervisor IBT. > > Why should hosts have all the fun? Conditionally unmask the cpuid > bits for IBT and allow r/w access to the supervisor CET msr. > > Will need revisiting when we introduce usage of userland CET msr. > > ok marlkin@ Running on older hardware where CET is not enumerated causes guests to panic in cpu_fix_msrs() during RDMSR 0x6a2. diff --git sys/arch/amd64/amd64/vmm.c sys/arch/amd64/amd64/vmm.c index 42ac8007029..35b05033cdc 100644 --- sys/arch/amd64/amd64/vmm.c +++ sys/arch/amd64/amd64/vmm.c @@ -7059,7 +7059,7 @@ vmm_handle_cpuid(struct vcpu *vcpu) *rcx &= ~SEFF0ECX_PKU; /* Expose IBT bit if we've enabled CET on the host. */ - if (rcr4() | CR4_CET) + if (rcr4() & CR4_CET) *rdx |= SEFF0EDX_IBT; else *rdx &= ~SEFF0EDX_IBT;
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: a...@cvs.openbsd.org2023/04/25 20:38:08 Modified files: sbin/ifconfig : ifconfig.8 Log message: Add parent to nvgre in ifconfig.8. ok david@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2023/04/25 19:36:03 Modified files: usr.bin/ssh: ssh.c Log message: Check for ProxyJump=none in CanonicalizeHostname logic. Previously ssh would incorrectly refuse to canonicalise the hostname if ProxyJump was explicitly set to "none" when CanonicalizeHostname=yes bz3567; ok dtucker
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/04/25 18:14:21 Modified files: sys/net: if.c if_vlan.c if_vlan_var.h Log message: Also set TSO flag on vlan interfaces. with tweaks from bluhm, claudio and dlg I fine with it from claudio looks good to me from dlg ok bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 17:16:31 Modified files: lib/libcrypto : Makefile Added files: lib/libcrypto/evp: e_old.c Log message: Reinstate e_old.c it is still used by -portable
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2023/04/25 16:56:28 Modified files: sys/netinet: tcp_output.c Log message: Fix white space.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2023/04/25 15:58:36 Modified files: sys/dev/pci: pcidevs.h pcidevs_data.h Log message: regen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2023/04/25 15:57:29 Modified files: sys/dev/pci: pcidevs Log message: Add RK3588.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/04/25 15:51:44 Modified files: regress/lib/libcrypto/x509: Makefile Added files: regress/lib/libcrypto/x509: dercache.c Log message: Add regress test for invalidation of DER cache in select X509 setter functions
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: bent...@cvs.openbsd.org 2023/04/25 14:18:48 Modified files: driver/xf86-input-ws/src: ws.c Log message: Fix error message typos: COORS -> COORDS. ok matthieu@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 14:07:55 Modified files: lib/libcrypto/man: BN_BLINDING_new.3 Log message: Remove documentation of BN_BLINDING_{g,s}et_thread_id
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 14:06:35 Modified files: lib/libcrypto : Makefile Removed files: lib/libcrypto/evp: e_old.c Log message: e_old can also go
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:57:59 Modified files: lib/libcrypto/bn: bn.h bn_blind.c bn_lib.c bn_prime.c Log message: Remove the deprecated API from BN
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:53:30 Modified files: lib/libcrypto : Makefile lib/libcrypto/bn: bn.h lib/libcrypto/ec: ec.h ec_asn1.c ec_curve.c ec_cvt.c ec_lib.c ec_oct.c Removed files: lib/libcrypto/bn: bn_gf2m.c lib/libcrypto/ec: ec2_mult.c ec2_oct.c ec2_smpl.c Log message: GF2m bites the dust. It won't be missed.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:52:25 Modified files: lib/libcrypto : Symbols.list Log message: ASN1_item_ndef_i2d also goes. discussed with deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:48:25 Modified files: regress/lib/libcrypto/bio: Makefile bio_asn1.c Log message: bio_asn1: adjust for more recent churn
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:34:06 Modified files: lib/libcrypto : opensslfeatures.h Log message: Remove commented version of OPENSSL_NO_EC2M
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:32:19 Modified files: lib/libcrypto/sha: sha3_internal.h Log message: Remove duplicate NID definitions
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:29:36 Modified files: lib/libcrypto : opensslfeatures.h Log message: LIBRESSL_NEXT_API is no longer needed
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:28:22 Modified files: lib/libcrypto/ec: ec.h Log message: Remove prototype of EC_GFp_nist_method()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:26:45 Modified files: lib/libcrypto/ec: ec.h ec_local.h lib/libcrypto/ecdh: ech_lib.c lib/libcrypto/ecdsa: ecs_lib.c Log message: Move EC_KEY_{insert,set}_key_method_data() to internal-only
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:08:30 Modified files: lib/libcrypto/asn1: asn1.h asn1_local.h bio_ndef.c lib/libcrypto/cms: cms_io.c lib/libcrypto/pkcs7: bio_pk7.c pk7_mime.c Log message: Move low level BIO_new_NDEF API to internal-only
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 13:01:01 Modified files: lib/libcrypto : Makefile lib/libcrypto/x509: x509v3.h Removed files: lib/libcrypto/x509: x509_pci.c x509_pcia.c Log message: Remove proxy cert remnants
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:57:57 Modified files: lib/libcrypto : Makefile lib/libcrypto/man: PEM_read_bio_PrivateKey.3 lib/libcrypto/x509: x509.h Removed files: lib/libcrypto/asn1: nsseq.c Log message: Remove NETSCAPE_CERT_SEQUENCE
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:53:42 Modified files: lib/libcrypto/stack: safestack.h lib/libcrypto/x509: pcy_int.h Log message: Move the policy STACK_OF stuff to pcy_int.h as well
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:49:23 Modified files: distrib/sets/lists/comp: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:48:32 Modified files: lib/libcrypto : Makefile Symbols.namespace lib/libcrypto/hidden/openssl: x509v3.h lib/libcrypto/man: Makefile X509_EXTENSION_set_object.3 lib/libcrypto/stack: safestack.h lib/libcrypto/x509: x509v3.h Removed files: lib/libcrypto/man: SXNET_new.3 lib/libcrypto/x509: x509_sxnet.c Log message: Remove SXNET Unused and no authorative information was found online in 2016
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:39:12 Modified files: lib/libcrypto/evp: evp.h Log message: Move truncated sha-2 and sha3 out of #ifdef wrappers
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:37:56 Modified files: lib/libcrypto/x509: x509_vfy.c Log message: Use X509_STORE_CTX_get1_{certs,crls}() instead of an alias
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:33:50 Modified files: lib/libcrypto : Symbols.namespace Log message: X509_STORE_get1_{certs,crls} become X509_STORE_CTX_* also in Symbols.namespace
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:32:42 Modified files: lib/libcrypto/hidden/openssl: x509_vfy.h lib/libcrypto/x509: x509_lu.c x509_vfy.h Log message: X509_STORE_get1_{certs,crls} become X509_STORE_CTX_* This matches the OpenSSL 1.1 API a bit better.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:28:05 Modified files: lib/libcrypto : Symbols.namespace ossl_typ.h lib/libcrypto/hidden/openssl: x509_vfy.h lib/libcrypto/x509: pcy_int.h x509_local.h x509_vfy.c x509_vfy.h x509v3.h Log message: Move the policy tree code to internal-only A few hooks remain in the legacy validator, which will soon be replaced with something better. The rest of the tentacles are now largely contained.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/04/25 12:14:06 Modified files: sys/kern : kern_exit.c kern_fork.c sys/sys: proc.h Log message: Rename ps_refcnt to ps_threadcnt in struct process and implement P_HASSIBLING() using this count. OK mvs@ mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:13:25 Modified files: lib/libcrypto/hidden/openssl: pkcs7.h Log message: Remove i2d_PKCS7_NDEF from the hidden version as well
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:05:07 Modified files: lib/libcrypto/man: d2i_PKCS7.3 Log message: Remove documentation for i2d_PKCS7_NDEF
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 12:04:03 Modified files: lib/libcrypto : Symbols.namespace lib/libcrypto/pkcs7: pk7_asn1.c pkcs7.h Log message: Remove i2d_PKCS7_NDEF
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:59:41 Modified files: lib/libcrypto : ossl_typ.h lib/libcrypto/bn: bn_local.h Log message: BN_RECP_CTX moves to internal
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2023/04/25 11:57:55 Modified files: lib/libevent : event_base_new.3 Log message: Put ERRORS and DIAGNOSTICS information in the sections where they belong. More details on RETURN VALUES and ERRORS. Document all DIAGNOSTICS messages except the various malloc(3)-related ones and except those that cannot actually occur but would merely report violations of internal invariants. Shorten some wordings in this section. Using feedback from jmc@ and Ted Bullock. OK jmc@ and nicm@ on an earlier version.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:54:10 Modified files: lib/libcrypto : Makefile lib/libcrypto/modes: modes.h Removed files: lib/libcrypto/modes: cts128.c Log message: Remove CTS mode ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:52:54 Modified files: lib/libcrypto/ts: ts.h ts_verify_ctx.c Log message: Remove TS_VERIFY_CTX_init()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:51:36 Modified files: lib/libcrypto/pem: pem.h pem_all.c Log message: Remove PEM wrappers for NETSCAPE_CERT_SEQUENCE
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:42:07 Modified files: lib/libcrypto : Makefile lib/libcrypto/bn: bn.h Removed files: lib/libcrypto/bn: bn_nist.c lib/libcrypto/ec: ecp_nist.c Log message: Remove the horror show that is bn_nist and ecp_nist This code is full of problematic C and is also otherwise of questionable quality. It is far from constant time and jsing informs me it also isn't faster. Good riddance.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:23:08 Modified files: lib/libcrypto/man: BN_new.3 Log message: Remove BN_init() documentation
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:21:51 Modified files: lib/libcrypto/man: BN_CTX_new.3 Log message: Remove BN_CTX_init() documentation
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:20:24 Modified files: lib/libcrypto/bn: bn.h bn_mont.c Log message: Remove the no longer used BN_MONT_CTX_init()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:17:21 Modified files: regress/lib/libcrypto/bn: bn_mod_exp.c bn_test.c Log message: Remove a couple of temporary hacks
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:13:06 Modified files: lib/libcrypto/bn: bn.h bn_local.h Log message: Move a few now internal prototypes to bn_local.h
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 11:01:21 Modified files: lib/libcrypto/bn: bn.h Log message: Remove old BN_one/BN_zero compat stuff ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:59:57 Modified files: sys/lib/libz : adler32.c compress.c crc32.c deflate.c deflate.h infback.c inffast.c inffast.h inflate.c inftrees.c inftrees.h trees.c zconf.h zlib.h zutil.c zutil.h Log message: zlib: sync with src
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:59:10 Modified files: lib/libz : ChangeLog README adler32.c compress.c crc32.c deflate.c deflate.h gzclose.c gzguts.h gzlib.c gzread.c gzwrite.c infback.c inffast.c inffast.h inflate.c inftrees.c inftrees.h trees.c uncompr.c zconf.h zlib.h zutil.c zutil.h Log message: Update libz to the HEAD of the develop branch This mostly moves from K prototypes to ANSI prototypes and includes a handful of bug fixes that are nice to have. The corresponding sys commit will allow us to undo some hacks that jca applied to make the kernel build with clang 15. discussed with deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:50:33 Modified files: lib/libcrypto : Makefile lib/libcrypto/bn: bn.h lib/libcrypto/evp: evp.h lib/libcrypto/man: EVP_PKEY_keygen.3 lib/libcrypto/rsa: rsa.h Removed files: lib/libcrypto/bn: bn_x931p.c lib/libcrypto/rsa: rsa_x931.c Log message: Remove X9.31 support ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:41:29 Modified files: lib/libcrypto/bn: bn.h bn_ctx.c Log message: Remove the no longer used BN_CTX_init() ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2023/04/25 10:24:25 Modified files: sys/netinet: if_ether.c Log message: Exclusive net lock or mutex arp_mtx protect the llinfo_arp fields. So kernel lock is only needed for changing the route rt_flags. In arpresolve() protect rt_llinfo lookup and llinfo_arp modification with arp_mtx. Grab kernel lock for rt_flags reject modification only when needed. Tested by Hrvoje Popovski; OK patrick@ kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:15:38 Modified files: lib/libcrypto : opensslv.h Log message: Bump LibreSSL version to 3.8.0
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 10:11:02 Modified files: usr.bin/openssl: Makefile openssl.1 openssl.c Removed files: usr.bin/openssl: nseq.c Log message: Remove the nseq command
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: bent...@cvs.openbsd.org 2023/04/25 10:07:13 Modified files: driver/xf86-input-ws/man: ws.man Log message: xtsscale is in section 1, not section 8.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2023/04/25 09:59:45 Modified files: lib/libcrypto/man: BIO_ctrl.3 Log message: Document most command constants. They are part of the public API, may be needed for implementing custom BIO types, and application programmers need to avoid clashing with them.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:56:56 Modified files: regress/lib/libcrypto/wycheproof: wycheproof.go Log message: Update Wycheproof.go to exercise truncated SHA-2 and SHA-3
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:55:26 Modified files: distrib/sets/lists/base: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:54:19 Modified files: lib/libcrypto : shlib_version lib/libssl : shlib_version lib/libtls : shlib_version Log message: Bump majors after symbol addition and removal
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:52:41 Modified files: lib/libcrypto : Symbols.list Log message: Update Symbols.list after symbol addition and removal
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:51:31 Modified files: lib/libcrypto : Makefile Log message: Comment out a few now unused files from Makefile
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:51:04 Modified files: lib/libcrypto/x509: x509v3.h x509_genn.c Log message: Use proper fix for the recent x400Address issue >From David Benjamin (BoringSSL) ok beck
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:50:09 Modified files: lib/libcrypto : opensslfeatures.h Log message: Temporarily define LIBRESSL_NEXT_API in opensslfeatures.h
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:49:42 Modified files: lib/libcrypto : opensslfeatures.h Log message: Define OPENSSL_NO_DEPRECATED and OPENSSL_NO_EC2M in opensslfeatures.h ok beck jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:48:48 Modified files: lib/libcrypto/dsa: dsa_pmeth.c lib/libcrypto/ec: ec_pmeth.c lib/libcrypto/evp: c_all.c lib/libcrypto/hmac: hmac.h lib/libcrypto/rsa: rsa_pmeth.c Log message: Wire up truncated SHA-2, SHA-3 and related things from jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:47:29 Modified files: lib/libcrypto/sha: sha_internal.h Log message: Remove no longer necessary compat #defines
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:46:54 Modified files: lib/libcrypto/objects: obj_mac.num objects.txt Log message: Add NIDs for truncated SHA-2, SHA-3 and related things >From jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: phess...@cvs.openbsd.org2023/04/25 09:41:17 Modified files: sys/netinet6 : nd6_nbr.c Log message: When configuring a new address on an interface, an upstream router doesn't know where to send traffic. This will send an unsolicited neighbor advertisement, as described in RFC9131, to the all-routers multicast address so all routers on the same link will learn the path back to the address. This is intended to speed up the first return packet on an IPv6 interface. OK florian@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:34:07 Modified files: regress/lib/libcrypto/bn: bn_mod_exp.c Log message: bn_mod_exp: temporarily add a prototype for BN_mod_exp_recp()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:33:25 Modified files: regress/lib/libcrypto/bn: bn_test.c Log message: bn_test: temporarily add prototypes for reciprocal functions This is a hack needed until bn_local.h is updated
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:32:33 Modified files: regress/lib/libcrypto/bn: bn_test.c Log message: bn_test: BN_one() will become void, so stop checking it
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:30:03 Modified files: regress/lib/libcrypto/bn: bn_primes.c Log message: bn_primes: the NIST primes will go away, so remove their tests
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:29:17 Modified files: regress/lib/libcrypto/bio: Makefile Log message: The bio_asn1 test will need to be linked statically after the bump
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:19:28 Removed files: regress/lib/libcrypto/cts128: Makefile cts128test.c Log message: Remove CTS test
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 09:18:59 Modified files: regress/lib/libcrypto: Makefile Log message: CTS support will go away, so unhook corresponding regress
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 08:48:17 Modified files: sys/arch/i386/stand/boot: conf.c sys/arch/i386/stand/cdboot: conf.c sys/arch/i386/stand/libsa: biosdev.c sys/arch/i386/stand/pxeboot: conf.c Log message: Do not attempt to write to read-only softraid Bootloaders have no write support for softraid volumes, which manifests in, e.g. /bsd.upgrade not being stripped of its 'x' permission bit to prevent sysupgrade loops in case of upgrade failure. Set a no-write flag handled by libsa to bail out early in write calls. There should be no real behaviour change, writes just fail earlier now. i386 BIOS. Crank minor. Tested inside amd64 vmm.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 08:20:13 Modified files: distrib/miniroot: install.sub Log message: drop empty lines around disk crypto '?' help text
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 08:04:47 Modified files: sys/arch/riscv64/conf: RAMDISK Log message: Enable softraid(4) in the ramdisk kernel aka. make disk crypto install work GENERIC, efiboot and installboot(8) all have softraid enabled, the manual already documents boot support for riscv64, "just" bsd.rd lacks it. (thought I had committed this months ago...) SiFive HiFive Unmatched A00. OK patrick
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 08:00:35 Modified files: sys/arch/sparc64/stand/ofwboot: ofdev.c vers.c Log message: Do not attempt to write to read-only softraid Bootloaders have no write support for softraid volumes, which manifests in, e.g. /bsd.upgrade not being stripped of its 'x' permission bit to prevent sysupgrade loops in case of upgrade failure. Set a no-write flag handled by libsa to bail out early in write calls. There should be no real behaviour change, writes just fail earlier now. sparc64 ofwboot. Crank minor. Tested on T4-2 guest domain with root on softraid.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2023/04/25 07:36:01 Modified files: usr.sbin/snmpd : snmpd.conf.5 Log message: tiny markup fix: add missing Ic before `group' in the `agentx' rule OK martijn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2023/04/25 07:32:20 Modified files: usr.bin/mg : mg.1 Log message: mark up `mode' in -f description
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2023/04/25 06:51:07 Modified files: usr.sbin/vmctl : main.c vmctl.c Log message: vmctl(8): no longer needs vmmvar.h Finally! We can remove kernel headers from vmctl. ok mlarkin@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2023/04/25 06:46:13 Modified files: sys/arch/amd64/include: vmmvar.h usr.sbin/vmd : config.c loadfile.h loadfile_elf.c parse.y virtio.c virtio.h vm.c vmd.c vmd.h vmm.c usr.sbin/vmctl : vmctl.c Log message: vmm(4)/vmd(8): pull struct members out of vmm ioctl create struct. The object sent to vmm(4) contained file paths and details the kernel does not need for cpu virtualization as device emulation is in userland. Effectively, "pull up" the struct members from the vm_create_params struct to the parent vmop_create_params struct. This allows us to clean up some of vmd(8) and simplify things for switching to having vmctl(8) open the "kernel" file (SeaBIOS, bsd.rd, etc.) to allow users to boot recovery ramdisk kernels. ok mlarkin@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2023/04/25 06:36:30 Modified files: sys/uvm: uvm_map.c uvm_map.h Log message: Do not grab the `vmmaplk' recursively, prevent a self-deadlock. Change the semantic of vm_map_busy() to be able to completely unlock the `vmmaplk' instead of downgrading it to a read lock in mlock(2). This is necessary because uvm_fault_wire() tries to re-grab the same lock. We now keep track of the thread currently holding the vmmap busy to ensure it can relock & unbusy the vmmap. The new pattern becomes: vm_map_lock(map); vm_map_busy(map); /* prevent other threads to grab an exclusive lock */ vm_map_unlock(map); /* * Do some stuff generally requiring a tsleep(9). */ vm_map_lock(map); vm_map_unbusy(map); /* allow other threads to make progress after unlock */ vm_map_unlock(map); Fix adapted from NetBSD's r1.249 of uvm/uvm_map.c. Issue reported by Jacqueline Jolicoeur exposed by a "wallet refresh" of the Monero App. Panic hand-copied below: sleep_finish() rw_enter() uvmfault_lookup() uvm_fault_check() uvm_fault() uvm_fault_wire() uvm_map_pageable_wire() sys_mlock() ok kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 06:13:15 Modified files: sys/arch/octeon/stand/boot: Makefile sys/arch/powerpc64/stand/boot: Makefile Log message: Create & use variables MRDISKTYPE and MRMAKEFSARGS like all the other build makefiles. Fixes & ok kn@ No intentional functional change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2023/04/25 05:36:55 Modified files: sys/dev/fdt: dwpcie.c Log message: Enable power management for PCI devices. ok kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2023/04/25 05:21:01 Modified files: sys/dev/fdt: pwmbl.c Log message: Add suspend/resume support to pwmbl(4), so that when suspending the x13s the display turns off and it actually looks like it's properly suspended. ok kettenis@ tobhe@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: to...@cvs.openbsd.org 2023/04/25 05:12:38 Modified files: sys/dev/fdt: pwmleds.c Log message: Disable keyboard backlight on Apple Silicon laptops on suspend, restore on wakeup. ok patrick@ kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 05:03:37 Modified files: lib/libcrypto/pem: pem_all.c Log message: The #ifdef missed a few NETSCAPE_CERT things
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/04/25 04:56:58 Modified files: lib/libcrypto/x509: x509_lib.c Log message: Remove v3_sxnet from the standard extensions
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2023/04/25 04:35:48 Modified files: sys/arch/arm64/dev: agintc.c Log message: Invalidate ITS caches during suspend/resume cycle to commit the changes to the LPIs. So far we have only flipped the enable bit in the shared memory, but it turns out that the state is actually cached in the ITS. We have to send an invalidation to flush it, both after disabling and enabling the LPI. We probably also should do it after establishing an interrupt, and especially when disestablishing, e.g. for PCIe hotplug. Since we do not currently store the device/event IDs we cannot do a targeted invalidation and have to fall back to sending one that clears the whole cache to each ITS. In the future we should keep some more state per established LPI. Furthermore we currently keep a list of LPIs in each ITS instance, which means in case we have multiple ITS we will re-use LPI numbers. But since there's no relevant HW so far that has those, there's no rish to fix that. This fixes suspend/resume on x13s with NVMe+MSI. ok kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/04/25 04:18:39 Modified files: lib/libcrypto/x509: x509_set.c Log message: Invalidate the DER cache earlier on in X509 setter functions Note that it is important to invalidate the cache before returning, as the return might bubble up an error. OK tb@ jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 04:11:20 Modified files: sys/arch/amd64/stand/efiboot: conf.c efidev.c Log message: Do not attempt to write to read-only softraid Bootloaders have no write support for softraid volumes, which manifests in, e.g. /bsd.upgrade not being stripped of its 'x' permission bit to prevent sysupgrade loops in case of upgrade failure. Set a no-write flag handled by libsa to bail out early in write calls. There should be no real behaviour change, writes just fail earlier now. amd64 EFI bits, other architectues to come. Crank minor. "seems sensible" jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 04:06:12 Modified files: sys/arch/amd64/stand/boot: conf.c sys/arch/amd64/stand/cdboot: conf.c sys/arch/amd64/stand/libsa: biosdev.c sys/arch/amd64/stand/pxeboot: conf.c Log message: Do not attempt to write to read-only softraid Bootloaders have no write support for softraid volumes, which manifests in, e.g. /bsd.upgrade not being stripped of its 'x' permission bit to prevent sysupgrade loops in case of upgrade failure. Set a no-write flag handled by libsa to bail out early in write calls. There should be no real behaviour change, writes just fail earlier now. amd64 BIOS bits first, rest to come. Crank minor. "seems sensible" jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/04/25 03:46:36 Modified files: lib/libcrypto/x509: x509_r2x.c x509_req.c Log message: Use X509_set_version() and X509_REQ_set_version() instead doing it by hand A small side-effect in X509_to_X509_REQ() is that 'x->req_info->enc.modified' now earlier on is set to 1. OK tb@ jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2023/04/25 03:31:50 Modified files: usr.bin/tmux : tmux.h tty-term.c tty.c Log message: Tidy tparm wrapper functions to have more obvious names and check tparm return value.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2023/04/25 03:24:44 Modified files: usr.bin/tmux : tty.c Log message: Invalidate cached tty state after changing features since they may change what the terminal can do and need mouse sequences or similar to be sent again, GitHub issue 3513.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 02:57:11 Modified files: usr.sbin/makefs: ffs.c ffs.h makefs.8 Log message: Add option 'rdroot' to simplify creation of rdroot filesystems for the install media. No functional change to existing behaviour.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/04/25 02:44:19 Removed files: distrib/amd64/iso: template distrib/amd64/ramdisk_cd: template Log message: Delete now unused disklabel template files.