CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/29 08:36:13

Modified files:
etc/rc.d   : rc.subr 
usr.sbin/rcctl : rcctl.8 rcctl.sh 

Log message:
sync synopsis and usage, sort commands, fix their spacing

OK input lucas

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/23 14:44:24

Modified files:
etc/rc.d   : unbound 

Log message:
zap redundant "|| return 1";  OK lucas

unbound-checkconf(8) itself exits 1 on error already.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/23 14:38:49

Modified files:
share/man/man4 : netintro.4 

Log message:
document SIOCSIFMTU;  OK jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/23 14:37:42

Modified files:
share/man/man4 : netintro.4 

Log message:
sync struct defintions from headers; OK jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/15 13:39:26

Modified files:
share/man/man8 : rc.shutdown.8 

Log message:
Document when vmd(8) VMs are stopped;  OK mlarkin

Useful to know in setups where pkg daemons and VMs depend on each other.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/13 14:19:50

Modified files:
usr.bin/ktrace : subr.c 

Log message:
rectify comment about syncing trace points letters, kdump usage has none

kdump.c r1.138 in 2019 dropped the letters list in favour of [-t trstr].

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/09/08 23:36:17

Modified files:
sbin/sysctl: sysctl.8 sysctl.c 

Log message:
Add triple-dots to synopsis as multiple name[=value] arguments may be given

OK jmc sobrado

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/07/28 15:44:42

Modified files:
usr.bin/env: env.c 

Log message:
The dash must not come first in the getopt(3) string

Broken/sorted in previous -u addition, fix/move it to the end.
By tb

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/07/28 04:08:44

Modified files:
usr.bin/env: env.1 env.c 

Log message:
Support "-u name" to remove variable from environment

OK aisha millert
Feedback jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/06/16 12:00:08

Modified files:
sys/dev/pci: ahci_pci.c 

Log message:
Disable MSI on Zhaoxin ZX-100/ZX-200/ZX-E StorX to unhang SSD

The Unchartevice 6640MA's BIOS forces one of three SATA speeds:
- Gen1/2: bsd.rd reaches installer, but SSD does not attach
- Gen3:   bsd.rd attaches SSD but hangs

MSI works for iwm(4) and and xhci(4), only ahci(4) bugs out, so add a quirk
for this controller as done for a few other devices already:

ahci0 at pci0 dev 15 function 0 "Zhaoxin StorX AHCI" rev 0x01: apic 9 int 21, 
AHCI 1.3.1
-ahci0: device not communicating on port 0
+ahci0: port 0: 6.0Gb/s
scsibus0 at ahci0: 32 targets
+sd0 at scsibus0 targ 0 lun 0:  naa.5000
+sd0: 244198MB, 512 bytes/sector, 500118192 sectors, thin

OK kettenis

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/06/16 10:21:39

Modified files:
sys/dev/pci: pcidevs.h pcidevs_data.h 

Log message:
regen

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/06/16 10:20:51

Modified files:
sys/dev/pci: pcidevs 

Log message:
Add Zhaoxin vendor and AHCI product found in Unchartevice 6640MA notebook

https://www.devicekb.com/hardware/pci-vendors/ven_1d17 shows
"ZX-100/ZX-200/ZX-E StorX AHCI Controller" and the notebook has a bunch of
other devices, but only this one needs fixing so far.

Feedback jsg
OK deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/06/16 08:01:26

Modified files:
sys/arch/amd64/amd64: identcpu.c 

Log message:
Make GENERIC boot on ZHAOXIN KaiXian KX-6640MA

The Unchartevice 6640MA notebook comes with such a CentaurHauls CPU,
installs via RAMDISK_CD (with AHCI fix), but GENERIC would hang after
cpu0: 4MB 64b/line 16-way L2 cache

Pretty sure Intel TPM sensor code should run on Intel CPUs, anyway.

Idea from brynet
OK deraadt brynet

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/05/12 13:47:14

Modified files:
distrib/arm64/ramdisk: install.md 
distrib/miniroot: install.sub 

Log message:
Rerun installboot(8) after fw_update(8) to pick up Apple boot firmware

Firmware is fetched after bootstraps are installed, i.e. on fresh installs
apple-boot is not there yet when installboot ought to place it onto the EFI
System Partition.

Rerun --only on Apple silicon-- to replace Asahi u-boot and boot straight
into ours, nicely visible my different logo.

Input sthen deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/05/05 13:13:13

Modified files:
share/man/man4 : efi.4 

Log message:
start documenting ioctls

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/04/29 14:18:12

Modified files:
distrib/sets/lists/man: mi 
share/man/man4 : Makefile 
share/man/man4/man4.arm64: Makefile 
Added files:
share/man/man4 : efi.4 
Removed files:
share/man/man4/man4.arm64: efi.4 

Log message:
Turn efi(4/arm64) into MI efi(4), sync with reality;  OK kettenis

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/04/25 12:31:49

Modified files:
sys/lib/libsa  : softraid.c 
sys/arch/amd64/stand/boot: boot.8 
sys/arch/amd64/stand/efiboot: Makefile.common cmd_i386.c conf.c 
  efiboot.c efiboot.h 

Log message:
Add boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts

Enable users to power down their machines if there was no input after N
seconds during disk descryption.

Motivation is to save battery and prevent pocket heaters when notebooks
unhibernate (e.g. lid accidentially opened) and sit at "Passphrase: ".

Only available on efi(4) systems as the timeout is saved as EFI variable;
mostly because that's trivial to do, but also because we lack a better
mechanism to configure that and persist such data without the root disk.

Discussed with many, starting at h2k23
OK Tests gnezdo

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/04/16 22:36:40

Modified files:
distrib/arm64/ramdisk: install.md 

Log message:
Use $_disk consistently over $1 in md_installboot();  no functional change

Somehow I did not amend those right away when adding local _disk in r1.43

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/03/15 11:31:21

Modified files:
distrib/miniroot: install.sub 

Log message:
Backout "Move code into new stop_watchdog()"

An upgrade stalled on me, either my testing was flawed or my diff is...
Having stop_watchdog() is fine, but calling it in a different place has
is apparently too subtle for me to get right.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/03/15 10:29:32

Modified files:
distrib/miniroot: install.sub 

Log message:
Move code into new stop_watchdog()

We have {reset,start}_watchdog() which are only used in unattended upgrade
code, but stopping the background timer is done inline for all upgrades,
incl. interactive ones.

Relocate it out of the very end of do_upgrade() right after its only caller
and limit it to unattended upgrades to match where/how the timer is started.

OK afresh1

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/03/05 12:47:58

Modified files:
distrib/miniroot: install.sub 

Log message:
prune clang13 libLLVM;  OK sthen

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/03/05 11:54:29

Modified files:
libexec/security: security 

Log message:
backup disklabel for softraid(4) chunks

Extend "Check for changes to the disklabels of mounted disks" to those that
host online softraid volumes, e.g installations with root inside CRYPTO sd0a
(and EFI System partition on sd0i).

That produces /var/backup/disklabel.sd0.current, previously missing in such
setups;  noticed after someone dd(1)ed miniroot onto sd0 by accident and had
no disklabel(8) backup to restore.

Feedback OK bluhm

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/02/19 06:53:03

Modified files:
distrib/miniroot: install.sub 

Log message:
Avoid passphrase in temporary file

bioctl(8) uses readpassphrase(3) RPP_REQUITE_TTY, so always pass stdin,
but only use it over TTY with -s in unattended mode.

Prodding afresh1 sthen
"much better" sthen

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2024/02/11 14:56:10

Modified files:
distrib/miniroot: install.sub 

Log message:
Enable disk encryption in unattended installations

Interactively keeps using bioctl(8)'s own prompt, in unattended mode
ask_passphrase() ensures non-empty responses or fails.

Unlike user passwords, autoinstall(8) only supports plaintext passphrases:
Encrypt the root disk with a (p)assphrase or (k)eydisk = passphrase
New passphrase = secret
Make sure to trust the install network or use a pre-configured key disk:
Encrypt the root disk with a (p)assphrase or (k)eydisk = keydisk
Which disk contains the key disk = sd2
Which sd2 partition is the key disk = a

initial diff from Chris Narkiewicz
OK afresh1
Feedback sthen

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/12/23 16:03:00

Modified files:
usr.bin/ftp: main.c 

Log message:
Relax -C pledge to unbreak shelling out in interactive mode

r1.69 introduced -C in 2008 "to continue multiple transfers";
'ftp -C ftp://ftp.eu.openbsd.org/' lands in "ftp> " and turns "mget"
into "reget" by default.

r1.139 -C/resume without "proc exec" thusly was too strict.
Instead, now after recent cleanups/tweaks, prevent execution with -o.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/12/15 03:28:57

Modified files:
usr.bin/ftp: main.c 

Log message:
No interactive shell if -o is given

After r1.140 and r1.144 fixed -o '' and clenaed up option handling,
respectively, avoid the "ftp> " shell if any output file was specified.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/12/13 05:14:10

Modified files:
regress/usr.bin/ftp: Makefile 

Log message:
remove -o  cases;  reminded by anton

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/12/12 15:00:43

Modified files:
usr.bin/ftp: main.c 

Log message:
Make -o less special, drop -o '' support, always use last value

ftp(1) says -o is about a single file/URL, but option handling takes the
empty string as "reset previous -o value", which makes little sense, is
undocumented and counter-intuitively works as if no -o was specified.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/30 07:52:00

Modified files:
usr.bin/ftp: main.c 

Log message:
Single file to stdout without "fattr"

Regardless of SMALL and other command flags, 'ftp -o - URL [file|URL ...]'
only processes the first URL and exists.

Only standard output is written to and modifying 'struct stat' properties
as per pledge(2) "fattr" don't apply.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/30 07:51:32

Modified files:
usr.bin/ftp: main.c 

Log message:
Fold identical pledge cases, '#ifndef SMALL \n if (!resume)' equals 'else'

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/27 02:29:48

Modified files:
usr.sbin/slaacctl: slaacctl.8 

Log message:
interfacename -> interface to match usage and other manuals;  OK florian

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/21 19:20:54

Modified files:
usr.bin/ftp: main.c 

Log message:
Piping single file to standard out needs no "proc exec"

'-o -' now means no "ftp> " shell, so no "|some cmd" files, "!some cmd" or
"page" commands.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/20 10:48:27

Modified files:
usr.bin/kdump  : Makefile mkioctls 

Log message:
Include  to pretty print EFIIOC_* ioctls

No base usage yet, only efivar(1) from sysutils/efivar.

OK guenther

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/20 10:43:51

Modified files:
usr.bin/kdump  : Makefile mkioctls 

Log message:
Sort includes,  before 

For/OK guenther

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/15 13:23:19

Modified files:
sys/sys: disk.h 
sys/kern   : subr_disk.c 

Log message:
Constify disk_map()'s path argument

The disklabel UID passed in is not modified, reflect that and allow callers
using 'const char *'.

OK miod

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/10 02:17:02

Modified files:
bin/ps : ps.1 ps.c 

Log message:
accept numerical user IDs

Turn [-U username] into [-U user] to match top(1)/pgrep(1)/fstat(1) -U/-u
taking both "root" and "0".

Feedback OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 11:54:15

Modified files:
bin/pax: ar_io.c pax.c 

Log message:
Tighten pledge in List and Append mode:

Drop "wpath cpath fattr dpath" in read-only:
-  cpio -i -t < test.tar
-  pax < test.tar
-  tar -t -f test.tar

Drop "cpath fattr dpath" in read-write:
-  echo foo | cpio -o -A -H ustar -O test.tar
-  tar -r -f test.tar foo
-  pax -w -a -f test.tar foo

Other modes remain unchanged and thus can create or modify files.

Feedback OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 11:19:00

Modified files:
usr.bin/ftp: main.c 

Log message:
-C/resume without "proc exec"

ftp(1) has "proc exec" to run sh(1) on interactive ! commands and filenames
starting with "|";  this is orthogonal to continuing transfers using the
existing file size as offsets.

There seems to be no case where a) the argument is an URL, i.e. we pledge,
and b) a shell is spawned somehow, so avoid these promises when resuming.

bsd.port.mk(5) FETCH_CMD uses -C by default.

OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 08:43:28

Modified files:
usr.bin/kdump  : kdump.1 kdump.c 

Log message:
Add [-P progam] to filter dumps by basename

[-p pid] requires knowing the PIDs beforehand, sieving through big
dumps by argv[0] strings is more ergonomic.

OK deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 07:26:34

Modified files:
sys/arch/sparc64/include: boot_flag.h 
sys/arch/sparc64/sparc64: autoconf.c 
sys/arch/sparc64/stand/ofwboot: elf64_exec.c vers.c 

Log message:
Finish clean up of old 6.7 softraid migration code

All combos of no/CRYPTO softraid, old/new ofwboot, old/new kernel do boot.

OK stsp

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 06:47:28

Modified files:
sbin/mount_nfs : mount_nfs.8 

Log message:
sort .xr after previous;  from jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/11/09 05:47:05

Modified files:
sbin/mount : mount.8 
sbin/mount_nfs : mount_nfs.8 

Log message:
link to showmount(8);  OK deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/29 05:27:11

Modified files:
usr.sbin/relayd: parse.y relay.c relayd.conf.5 
usr.sbin/httpd : httpd.conf.5 
etc/examples   : relayd.conf 

Log message:
Unmention/don't explain SSL, drop 9y old "ssl" keyword/deprecation warning

Switch "ssl" to "tls" in relayd.conf(5) if you haven't done so in the last
ten years, "ssl" is now an error.

Say "TLS" not "SSL/TLS" and drop the primer in the TLS RELAYS section.

OK benno

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/20 14:16:43

Modified files:
.  : macppc.html sparc64.html 

Log message:
use cmdbox for OpenFirmware commands;  OK tj

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/20 13:58:16

Modified files:
sys/arch/powerpc64/stand/rdboot: cmd.c rdboot.c 

Log message:
Adopt MI re-upgrade prevention

In comparison to MI boot which only cares about /bsd.upgrade's x bit,
powerpc64 rdboot just wants a regular file.

Require and strip u+x before execution to prevent sysupgrade(8) loops.

OK kettenis

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/20 13:55:50

Modified files:
sys/arch/octeon/stand/rdboot: cmd.c rdboot.c 

Log message:
Adopt MI re-upgrade prevention

In comparison to MI boot which only cares about /bsd.upgrade's x bit,
octeon rdboot just wants a regular file.

Require and strip u+x before execution to prevent sysupgrade(8) loops.

OK kettenis

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/20 10:49:43

Modified files:
faq: faq14.html 

Log message:
Zap obvious/duplicate bits, clarify key disk usage, fix bsd.rd name;  OK tj

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/19 12:39:46

Modified files:
distrib/notes  : m4.common 

Log message:
root disk can be enrypted with a key disk now

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/18 20:43:58

Modified files:
distrib/notes  : packages 

Log message:
Reduce unpractical package URL to usual package name; OK deraadt

This section about ports/packages really wants a revamp, though...

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/18 20:39:06

Modified files:
distrib/miniroot: install.sub 

Log message:
Support encrypting the root disk with a key disk

Extend the yes/no question to no/passphrase/keydisk and have users pick an
existing, preformated RAID partition;  no support (yet) for creating one.

OK tb afresh1

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/16 09:43:47

Modified files:
faq: upgrade74.html 

Log message:
hint at softraid KDF iterations update

"seems alright to me" op
feedback kmos

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/15 16:36:28

Modified files:
faq: upgrade74.html 

Log message:
consistently mark up all occurences of operator and _shutdown

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/15 03:49:57

Modified files:
bin/pax: pax.c 

Log message:
Pledge once with or without "proc exec", not twice

Spotted while comparing ktraces between 'tar -z' and 'gzcat | tar -f-'.

Only the former runs, e.g. gzip(1), but the latter also pledges theses promises
just to pledge again immediately afterwards without them.

Make the calls mutually exclusive so 'tar -f-' et al. skip the first pledge
and thus never have "proc exec" to begin wth.

"looks good to me" mbuhl
OK millert

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/12 06:31:15

Modified files:
usr.sbin/sysupgrade: sysupgrade.sh 

Log message:
Remove default sets answer

The autoinstall(8) response file contains only non-defaults, except for
Set name(s)? (or 'abort' or 'done') [done] done
which is the hardcoded default since 2009.

Added in 2019 r1.23 "Let sysupgrade(8) create auto_upgrade.conf file [...]"
with all others, remove the exception.

OK florian

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/11 15:53:22

Modified files:
.  : 74.html 

Log message:
typofix, add installer changes wrt. arm64 and disk crypto

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/11 11:53:52

Modified files:
distrib/amd64/common: install.md 
distrib/arm64/ramdisk: install.md 
distrib/riscv64/ramdisk: install.md 

Log message:
Remove dead CRYPTOCHUNK usage

install.sub r1.1245 "Ask for disk crypto after root disk question" got rid
of global CRYPTO* variables;  no functional change.

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/10/08 13:35:55

Modified files:
faq: upgrade73.html 

Log message:
add missing command to install puppet server

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/07 06:20:10

Modified files:
sbin/bioctl: bioctl.c 

Log message:
Retry on empty passphrase

They must not be empty, or else creation/unlock fails (and boot loaders
would not be able to abort and drop back to the boot> prompt).

[-p passfile] handles this with "invalid passphrase length", so align
the interactive prompt and retry there.

-s remains a one-shot whilst getting a better error message.

This is user friendlier and fixes the last installer "bug" on my list
wrt. disk encryption where hitting Enter twice at the passphrase prompt
would abort bioctl(8) and thus the installation.

OK deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/06 03:55:02

Modified files:
sbin/bioctl: bioctl.c 

Log message:
rename pass{word -> file} variable

It contains the path to the file containing a passphrase;
password reads misleading and was also the only usage of "word" in contrast
to consistent "phrase" usage.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/06 03:34:20

Modified files:
sys/arch/sparc64/stand/ofwboot: elf64_exec.c vers.c 

Log message:
clean up old 6.7 softraid migration code

ofwboot still passes an old/small .openbsd.bootdata size from before 6.7
when boothowto was added.

Report the exact size from now on such that a future diff can rectify
the corresponding check in autoconf.c:bootstrap().

All this was done to keep old/new bootloaders working with new/old kernels,
but 6.7 is long gone and we should all be running current code.

OK stsp

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/10/05 05:58:35

Modified files:
distrib/notes  : m4.common 
distrib/notes/alpha: features 
distrib/notes/amd64: features 
distrib/notes/arm64: features 
distrib/notes/armv7: features 
distrib/notes/hppa: features 
distrib/notes/i386: features 
distrib/notes/landisk: features 
distrib/notes/loongson: features 
distrib/notes/luna88k: features 
distrib/notes/macppc: features 
distrib/notes/octeon: features 
distrib/notes/powerpc64: features 
distrib/notes/riscv64: features 
distrib/notes/sparc64: features 

Log message:
Mention the option to encrypt the root disk on supported architectures

with miod

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/09/21 06:11:34

Modified files:
sys/arch/powerpc64/conf: RAMDISK 

Log message:
enable softraid(4) in ramdisk

No boot support as per manual, but it already has bio(4) and bioctl(8);
complete enable use of software RAID.

OK, run-tested gkoehler

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/09/18 04:50:54

Modified files:
.  : events.html 

Log message:
merge 2023 entries

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/09/18 04:27:29

Modified files:
.  : events.html 
Added files:
papers : eurobsdcon2023-kn-installer.pdf 

Log message:
EuroBSDCon 2023 is over, add my slides

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/09/08 14:47:23

Modified files:
sys/arch/amd64/include: biosvar.h 
sys/arch/amd64/amd64: machdep.c 

Log message:
Clean up old console bootargs

7.3 is long gone, you must have new bootloaders and new kernels.
Zaps both condition and else block, unindent and merge lines where fit.

Feedback OK kettenis
Tests OK denis

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/09/02 04:18:45

Modified files:
usr.sbin/dhcpd : dispatch.c 

Log message:
Fix comment about skipped interfaces

After r1.44 "Start on DOWN interfaces" this sentence makes no sense
and just repeats the obvious conditions, so zap it.

With/OK stsp

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/09/02 03:14:47

Modified files:
sbin/bioctl: bioctl.8 bioctl.c 

Log message:
Use a hardware based number of KDF rounds by default for passphrases

When creating new crypto volumes with a passphrase or updating one, pick a
number of rounds that aims to take around 1s instead of just 16 (on X230 and
T14 machines, 16 rounds unlock pretty much instantly).

New default [-r auto] never decreases rounds, only explicit '-r N' can.
16 is the absolute minimum.

Motivation is to provide a saner and more modern default, especially for
fresh installations utilizing new disk encryption question.

Prodding for new default from and OK jsing on early "-r auto" installer diff
idea to to pick MAX(auto, old-rounds) from Lucas[AT sexy DOT is]
"seems acceptable to me" deraadt
Feedback kettenis sthen
OK op

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/30 11:40:08

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
cover failure on insecure passfiles

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/30 11:21:40

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
exercise [-p passfile]  (this is not a keydisk)

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/30 10:45:57

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
verify that the number of rounds does not decrease

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 12:56:07

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
cover force recreation (with smallest non-default number of rounds)

The idea is for a later diff to inspect -v output wrt. chosen number of
rounds in order to a) test -r behaviour and b) confirm that '-Cforce -rN'
that a value has been recreated (output is identical for attach an create).

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 11:55:51

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
rename target to reflect reality

Volumes can be recreated, but the same chunk cannot be used twice.
This is what '-C force' is for.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 10:58:14

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
= ought to be += in previous

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 09:59:38

Modified files:
regress/sbin/bioctl: Makefile 

Log message:
cover expected failures for volume recreation and the empty passphrase

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 08:33:55

Modified files:
distrib/miniroot: install.sub 

Log message:
No need to make_dev() existing root device in disk crypto question

Since r1.1245 encrypt_root() happens immediately after get_rootinfo().
the latter creates device files for the root disk (and aborts if make_dev()
fails), so encrypt_root()'s call on the softraid chunk is purely redundant.

Hoist _chunk definition into declaration while here.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 08:25:22

Modified files:
regress/usr.sbin/installboot: Makefile 

Log message:
most tests need root, add targets using ${SUDO} to REGRESS_ROOT_TARGETS

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 02:59:18

Modified files:
distrib/miniroot: install.sub 

Log message:
Remove retry loop crutch around disk passphrase prompt

bioctl(8) now retries itself on mismatch so the installer continues until
the passphrase is confirmed correctly (like for the root password) instead
of bailing out after three failed attempts.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 02:33:11

Modified files:
sbin/bioctl: bioctl.8 bioctl.c 

Log message:
Retry passphrase on mismatch by default

Gracefully prompt again during interactive creation and passphrase change on
CRYPTO/1C volumes when confirmation fails instead of exiting, so bioctl(8)
behaves more like passwd(1) in this regard.

Use -s aka. non-interactive scripting mode to try just once.

Input OK jsing op

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/21 02:13:37

Modified files:
sbin/bioctl: bioctl.c 

Log message:
Print softraid(4) errors on standard error

INFO messages remain on stdin, WARN/ERROR go to stderr as usual to make
silencing and scripting bioctl(8) easier.

OK op jsing

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/20 17:19:00

Added files:
regress/sbin/bioctl: Makefile 

Log message:
First tests for bioctl(8), start with scripted creation + passphrase change

These are meant for CLI bits like passphrase hashing, error handling and
interactive vs. scripted behaviour.

regress/sys/dev/softraid/ and stuff like regress/usr.sbin/installboot/
already test specific softraid(4) disciplines and disk handling.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/20 16:38:49

Modified files:
regress/usr.sbin/installboot: Makefile 

Log message:
stricter devname match on bioctl(8) output avoids false positives on failure

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/20 16:00:36

src/regress/sbin/bioctl

Update of /cvs/src/regress/sbin/bioctl
In directory cvs.openbsd.org:/cvs.d/hack/kn/src/regress/sbin/bioctl

Log Message:
Directory /cvs/src/regress/sbin/bioctl added to the repository

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/18 08:10:33

Modified files:
bin/md5: cksum.1 md5.1 

Log message:
use imperative tense consistently;  OK jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/18 08:09:19

Modified files:
sbin/bioctl: bioctl.8 bioctl.c 

Log message:
Make -s read passphrases without prompts or confirmation

-s for non-interactive usage disables prompts, but still silently expects
two inputs, which is neither intuitive nor ergonomic.

Fix this get sane scriptable behaviour and documentation.

Feedback OK jsing op

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/14 02:56:21

Modified files:
distrib/special/bioctl: Makefile 
distrib/special/chmod: Makefile 
distrib/special/dhcpleased: Makefile 
distrib/special/disklabel: Makefile 
distrib/special/fdisk: Makefile 
distrib/special/fsck: Makefile 
distrib/special/fsck_ext2fs: Makefile 
distrib/special/fsck_ffs: Makefile 
distrib/special/fsck_msdos: Makefile 
distrib/special/ksh: Makefile 
distrib/special/ln: Makefile 
distrib/special/mknod: Makefile 
distrib/special/mount: Makefile 
distrib/special/mount_cd9660: Makefile 
distrib/special/mount_ext2fs: Makefile 
distrib/special/mount_ffs: Makefile 
distrib/special/mount_msdos: Makefile 
distrib/special/mount_nfs: Makefile 
distrib/special/mount_udf: Makefile 
distrib/special/newfs_ext2fs: Makefile 
distrib/special/newfs_msdos: Makefile 
distrib/special/pdisk: Makefile 
distrib/special/reboot: Makefile 
distrib/special/resolvd: Makefile 
distrib/special/route: Makefile 
distrib/special/slaacd: Makefile 
distrib/special/sync: Makefile 
distrib/special/umount: Makefile 

Log message:
zap useless MAN bits

distrib/special/Makefile.inc sets MAN= NOMAN=1, thus setting MAN* in
distrib/special/*/Makefile is useless;  no manuals in the installer.

disklabel(8) and fdisk(8) remain exceptions with their NOMAN handling
as they embed their manual for use with interactive commands.

OK miod

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/10 11:09:34

Modified files:
distrib/miniroot: install.sub 

Log message:
Always create new softraid CRYPTO volume, do not reuse existing one

The bioctl(8) command to create new and unlock old volumes is the same.
Use `-C force' to prevent reuse, which happens with, e.g. aborted/restarted
encrypted installations past the question or installations onto an old disk.

OK naddy sthen deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/10 01:50:45

Modified files:
usr.sbin/ldomctl: ldomctl.c 

Log message:
Make stopped ldom utilization appear as zero

ldomctl(8) 'status' updated the value only on running guests,
i.e. stopped ones repeated the last ones instead of showing zero.

Always reset per guest before updating it, From Koakuma, thanks!

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/08/02 02:51:16

Modified files:
distrib/miniroot: install.sub 

Log message:
Simplify disk encryption question

The yes/no question was mistaken as actual passphrase prompt and/or details
in parentheses were taken as option list (despite the lack of commas).

Unmention the only disk encryption mechanism we support and simply ask
whether to protect the root disk with a passphrase or not (still yes/no).

Prodded by solene, feedback from many
Wording from naddy, similar wording from sthen
OK naddy sthen deraadt afresh1

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/25 08:51:38

Modified files:
distrib/special: Makefile 
Removed files:
distrib/special/dhclient: Makefile 

Log message:
stop building unused dhclient

replaced by dhcpleased in 2021, no install media ships dhclient anymore.

OK florian

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/23 17:42:03

Modified files:
bin/ksh: main.c var.c 
distrib/special/ksh: Makefile 

Log message:
avoid MAIL* environment variables to save a few bytes in install media

ksh(1) MAIL, MAILCHECK, MAILPATH mbox handling is useless in the installer.

OK miod deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/23 17:21:19

Modified files:
sbin/mount : mount.c 
distrib/special/mount: Makefile 

Log message:
use SMALL to save a shave mfs and tmpfs bits in install media

RAMDISK* has MFS and TMPFS disabled, so the installer can't use them.

OK deraadt

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/15 17:01:25

Modified files:
share/man/man9 : namei.9 

Log message:
sync with ;  'looks good' deraadt

Document missing struct nameidata members and fix one member's const-ness.
Add REALPATH flag from 2019.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/08 09:01:09

Modified files:
distrib/miniroot: install.sub 

Log message:
Floppies don't have bioctl(8)

The installer always checks for softraid using it, skip if unavailable.

Apply the usual idiom in encrypt_root() to silence stderr noise.

Do so in do in get_softraid_chunks() as well which is always called in
get_dkdevs_unitialized() and finish_up();  get_softraid_chunks() discards
stderr and both users still do the right thing on bioctl failure/empty
output from get_dkdevs_unitialized(), but there's no point in trying plus
the idiom clarifies how this code is indeed used on floppies.

Found and tested by krw
OK deraadt krw

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/06 15:08:50

Modified files:
sbin/bioctl: bioctl.8 

Log message:
Rectify -s lie

-s to read passphrases from stdin can indeed be used for creation.

OK jmc

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/06 14:53:53

Modified files:
share/man/man9 : refcnt_init.9 

Log message:
missed refcnt_init_trace in NAME

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/06 14:51:31

Modified files:
share/man/man9 : refcnt_init.9 

Log message:
Document dt(4)'s refcnt_init_trace

"yes please" mvs
Input jca

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/06 13:46:53

Modified files:
sys/sys: refcnt.h 
sys/net: if_ethersubr.c 
sys/netinet: if_ether.h 
sys/dev/dt : dt_prov_static.c 

Log message:
use refcnt API for multicast addresses, add tracepoint:refcnt:ethmulti probe

Replace hand-rolled reference counting with refcnt_init(9) and hook it up
with a new dt(4) probe.

OK mvs
Feedback OK bluhm

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/05 06:58:55

Modified files:
sys/arch/amd64/amd64: trap.c 

Log message:
Drop kernel lock before panic to avoid WITNESS report during fault

holding a spinlock, eg. malloc's malloc_mutex in "Data modified on freelist ..."
triggers "acquiring blockable sleep lock with spinlock or critical section held"
since kpageflttrap() grabs the kernel lock before fault() to serialise multiple
threds/faults avoid interleaved console text.

But fault() immediately sets the per-CPU panic string, so the kernel lock does
not really help here.

Use 'show panic' to recover from garbled console text if need be, as usual.
The i386 equivalent does not use the kernel lock, either.

OK bluhm kettenis

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/03 09:52:51

Modified files:
sys/net: if_ethersubr.c 

Log message:
use consistent queue(9) example for LIST removal;  OK bluhm mvs

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/07/03 01:40:52

Modified files:
sys/dev/pv : if_vio.c 

Log message:
typofix lladdr in function names;  OK deraadt jan