CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: dera...@cvs.openbsd.org 2024/02/11 22:39:58 Modified files: . : innovations.html Log message: improve sentence
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/02/11 19:57:14 Modified files: sys/arch/amd64/amd64: cpu.c vmm_machdep.c Log message: Intel and AMD use different cpuid bits for MSR_PRED_CMD IBPB ok guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2024/02/11 18:18:18 Modified files: sys/arch/amd64/amd64: cpu.c genassym.cf locore.S vector.S vmm_machdep.c sys/arch/amd64/include: codepatch.h cpu.h Log message: Retpolines are an anti-pattern for IBT, so we need to shift protecting userspace from cross-process BTI to the kernel. Have each CPU track the last pmap run on in userspace and the last vmm VCPU in guest-mode and use the IBPB msr to flush predictors right before running in userspace on a different pmap or entering guest-mode on a different VCPU. Codepatch-nop the userspace bits and conditionalize the vmm bits to keep working if IBPB isn't supported. ok deraadt@ kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/02/11 14:56:10 Modified files: distrib/miniroot: install.sub Log message: Enable disk encryption in unattended installations Interactively keeps using bioctl(8)'s own prompt, in unattended mode ask_passphrase() ensures non-empty responses or fails. Unlike user passwords, autoinstall(8) only supports plaintext passphrases: Encrypt the root disk with a (p)assphrase or (k)eydisk = passphrase New passphrase = secret Make sure to trust the install network or use a pre-configured key disk: Encrypt the root disk with a (p)assphrase or (k)eydisk = keydisk Which disk contains the key disk = sd2 Which sd2 partition is the key disk = a initial diff from Chris Narkiewicz OK afresh1 Feedback sthen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/02/11 14:36:49 Modified files: sys/kern : uipc_socket.c Log message: Release `sb_mtx' mutex(9) before sbunlock(). ok bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/02/11 14:29:12 Modified files: lib/libkvm : kvm_file2.c sbin/slaacd: engine.c frontend.c sbin/sysctl: sysctl.c usr.sbin/rad : frontend.c Log message: Remove needless includes of netinet6/ip6_var.h header in userland. OK millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/02/11 11:14:27 Modified files: sys/kern : uipc_socket.c uipc_socket2.c sys/netinet: ip_divert.c ip_mroute.c raw_ip.c udp_usrreq.c sys/netinet6 : ip6_divert.c ip6_mroute.c raw_ip6.c sys/sys: socketvar.h Log message: Use `sb_mtx' instead of `inp_mtx' in receive path for inet sockets. In soreceve(), we only touch `so_rcv' socket buffer, which has it's own `sb_mtx' mutex(9) for protection. So, we can avoid solock() in this path - it's enough to hold `sb_mtx' in soreceive() and around corresponding sbappend*(). But not right now :) This time we use shared netlock for some inet sockets in the soreceive() path. To protect `so_rcv' buffer we use `inp_mtx' mutex(9) and the pru_lock() to acquire this mutex(9) in socket layer. But the `inp_mtx' mutex belongs to the PCB. We initialize socket before PCB, tcp(4) sockets could exist without PCB, so use `sb_mtx' mutex(9) to protect sockbuf stuff. This diff mechanically replaces `inp_mtx' by `sb_mtx' in the receive path. Only for sockets which already use `inp_mtx'. All other sockets left as is. They will be converted later. Since the `sb_mtx' is optional, the new SB_MTXLOCK flag introduced. If this flag is set on `sb_flags', the `sb_mtx' mutex(9) should be taken. New sb_mtx_lock() and sb_mtx_unlock() was introduced to hide this check. They are temporary and will be replaced by mtx_enter() when all this area will be converted to `sb_mtx' mutex(9). Also, the new sbmtxassertlocked() function introduced to throw corresponding assertion for SB_MTXLOCK marked buffers. This time only sbappendaddr() calls it. This function is also temporary and will be replaced by MTX_ASSERT_LOCKED() later. ok bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/02/11 09:01:09 Modified files: sys/dev/fdt: rkpinctrl.c Log message: Fix potential out-of-bounds array access. Found by smatch, reported by and ok jsg@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: o...@cvs.openbsd.org2024/02/11 02:33:38 Modified files: . : want.html Log message: remove my request for a laptop, generously taken care of by Cage
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2024/02/11 02:24:26 Modified files: usr.sbin/smtpd : makemap.c smtpd.h table_static.c util.c Log message: unify smtpd and makemap table parser These are supposed to parse the same file format but have subtle difference in the handling of comments, continuation lines and escaping. Converge both to the simpler smtpd parser which doesn't handle continuation lines nor escaping, and support comments only at the start of the line. improvements and ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/02/11 01:40:37 Modified files: sys/lib/libz : zconf.h Log message: sync with src
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/02/11 01:40:06 Modified files: lib/libz : zconf.h Log message: libz: more windows ifdef turd shining from upstream