CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/29 08:36:13 Modified files: etc/rc.d : rc.subr usr.sbin/rcctl : rcctl.8 rcctl.sh Log message: sync synopsis and usage, sort commands, fix their spacing OK input lucas
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/23 14:44:24 Modified files: etc/rc.d : unbound Log message: zap redundant "|| return 1"; OK lucas unbound-checkconf(8) itself exits 1 on error already.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/23 14:38:49 Modified files: share/man/man4 : netintro.4 Log message: document SIOCSIFMTU; OK jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/23 14:37:42 Modified files: share/man/man4 : netintro.4 Log message: sync struct defintions from headers; OK jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/15 13:39:26 Modified files: share/man/man8 : rc.shutdown.8 Log message: Document when vmd(8) VMs are stopped; OK mlarkin Useful to know in setups where pkg daemons and VMs depend on each other.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/13 14:19:50 Modified files: usr.bin/ktrace : subr.c Log message: rectify comment about syncing trace points letters, kdump usage has none kdump.c r1.138 in 2019 dropped the letters list in favour of [-t trstr].
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/09/08 23:36:17 Modified files: sbin/sysctl: sysctl.8 sysctl.c Log message: Add triple-dots to synopsis as multiple name[=value] arguments may be given OK jmc sobrado
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/07/28 15:44:42 Modified files: usr.bin/env: env.c Log message: The dash must not come first in the getopt(3) string Broken/sorted in previous -u addition, fix/move it to the end. By tb
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/07/28 04:08:44 Modified files: usr.bin/env: env.1 env.c Log message: Support "-u name" to remove variable from environment OK aisha millert Feedback jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/06/16 12:00:08 Modified files: sys/dev/pci: ahci_pci.c Log message: Disable MSI on Zhaoxin ZX-100/ZX-200/ZX-E StorX to unhang SSD The Unchartevice 6640MA's BIOS forces one of three SATA speeds: - Gen1/2: bsd.rd reaches installer, but SSD does not attach - Gen3: bsd.rd attaches SSD but hangs MSI works for iwm(4) and and xhci(4), only ahci(4) bugs out, so add a quirk for this controller as done for a few other devices already: ahci0 at pci0 dev 15 function 0 "Zhaoxin StorX AHCI" rev 0x01: apic 9 int 21, AHCI 1.3.1 -ahci0: device not communicating on port 0 +ahci0: port 0: 6.0Gb/s scsibus0 at ahci0: 32 targets +sd0 at scsibus0 targ 0 lun 0: naa.5000 +sd0: 244198MB, 512 bytes/sector, 500118192 sectors, thin OK kettenis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/06/16 10:21:39 Modified files: sys/dev/pci: pcidevs.h pcidevs_data.h Log message: regen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/06/16 10:20:51 Modified files: sys/dev/pci: pcidevs Log message: Add Zhaoxin vendor and AHCI product found in Unchartevice 6640MA notebook https://www.devicekb.com/hardware/pci-vendors/ven_1d17 shows "ZX-100/ZX-200/ZX-E StorX AHCI Controller" and the notebook has a bunch of other devices, but only this one needs fixing so far. Feedback jsg OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/06/16 08:01:26 Modified files: sys/arch/amd64/amd64: identcpu.c Log message: Make GENERIC boot on ZHAOXIN KaiXian KX-6640MA The Unchartevice 6640MA notebook comes with such a CentaurHauls CPU, installs via RAMDISK_CD (with AHCI fix), but GENERIC would hang after cpu0: 4MB 64b/line 16-way L2 cache Pretty sure Intel TPM sensor code should run on Intel CPUs, anyway. Idea from brynet OK deraadt brynet
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/05/12 13:47:14 Modified files: distrib/arm64/ramdisk: install.md distrib/miniroot: install.sub Log message: Rerun installboot(8) after fw_update(8) to pick up Apple boot firmware Firmware is fetched after bootstraps are installed, i.e. on fresh installs apple-boot is not there yet when installboot ought to place it onto the EFI System Partition. Rerun --only on Apple silicon-- to replace Asahi u-boot and boot straight into ours, nicely visible my different logo. Input sthen deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/05/05 13:13:13 Modified files: share/man/man4 : efi.4 Log message: start documenting ioctls
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/04/29 14:18:12 Modified files: distrib/sets/lists/man: mi share/man/man4 : Makefile share/man/man4/man4.arm64: Makefile Added files: share/man/man4 : efi.4 Removed files: share/man/man4/man4.arm64: efi.4 Log message: Turn efi(4/arm64) into MI efi(4), sync with reality; OK kettenis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/04/25 12:31:49 Modified files: sys/lib/libsa : softraid.c sys/arch/amd64/stand/boot: boot.8 sys/arch/amd64/stand/efiboot: Makefile.common cmd_i386.c conf.c efiboot.c efiboot.h Log message: Add boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts Enable users to power down their machines if there was no input after N seconds during disk descryption. Motivation is to save battery and prevent pocket heaters when notebooks unhibernate (e.g. lid accidentially opened) and sit at "Passphrase: ". Only available on efi(4) systems as the timeout is saved as EFI variable; mostly because that's trivial to do, but also because we lack a better mechanism to configure that and persist such data without the root disk. Discussed with many, starting at h2k23 OK Tests gnezdo
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/04/16 22:36:40 Modified files: distrib/arm64/ramdisk: install.md Log message: Use $_disk consistently over $1 in md_installboot(); no functional change Somehow I did not amend those right away when adding local _disk in r1.43
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/03/15 11:31:21 Modified files: distrib/miniroot: install.sub Log message: Backout "Move code into new stop_watchdog()" An upgrade stalled on me, either my testing was flawed or my diff is... Having stop_watchdog() is fine, but calling it in a different place has is apparently too subtle for me to get right.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/03/15 10:29:32 Modified files: distrib/miniroot: install.sub Log message: Move code into new stop_watchdog() We have {reset,start}_watchdog() which are only used in unattended upgrade code, but stopping the background timer is done inline for all upgrades, incl. interactive ones. Relocate it out of the very end of do_upgrade() right after its only caller and limit it to unattended upgrades to match where/how the timer is started. OK afresh1
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/03/05 12:47:58 Modified files: distrib/miniroot: install.sub Log message: prune clang13 libLLVM; OK sthen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/03/05 11:54:29 Modified files: libexec/security: security Log message: backup disklabel for softraid(4) chunks Extend "Check for changes to the disklabels of mounted disks" to those that host online softraid volumes, e.g installations with root inside CRYPTO sd0a (and EFI System partition on sd0i). That produces /var/backup/disklabel.sd0.current, previously missing in such setups; noticed after someone dd(1)ed miniroot onto sd0 by accident and had no disklabel(8) backup to restore. Feedback OK bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/02/19 06:53:03 Modified files: distrib/miniroot: install.sub Log message: Avoid passphrase in temporary file bioctl(8) uses readpassphrase(3) RPP_REQUITE_TTY, so always pass stdin, but only use it over TTY with -s in unattended mode. Prodding afresh1 sthen "much better" sthen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2024/02/11 14:56:10 Modified files: distrib/miniroot: install.sub Log message: Enable disk encryption in unattended installations Interactively keeps using bioctl(8)'s own prompt, in unattended mode ask_passphrase() ensures non-empty responses or fails. Unlike user passwords, autoinstall(8) only supports plaintext passphrases: Encrypt the root disk with a (p)assphrase or (k)eydisk = passphrase New passphrase = secret Make sure to trust the install network or use a pre-configured key disk: Encrypt the root disk with a (p)assphrase or (k)eydisk = keydisk Which disk contains the key disk = sd2 Which sd2 partition is the key disk = a initial diff from Chris Narkiewicz OK afresh1 Feedback sthen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/12/23 16:03:00 Modified files: usr.bin/ftp: main.c Log message: Relax -C pledge to unbreak shelling out in interactive mode r1.69 introduced -C in 2008 "to continue multiple transfers"; 'ftp -C ftp://ftp.eu.openbsd.org/' lands in "ftp> " and turns "mget" into "reget" by default. r1.139 -C/resume without "proc exec" thusly was too strict. Instead, now after recent cleanups/tweaks, prevent execution with -o. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/12/15 03:28:57 Modified files: usr.bin/ftp: main.c Log message: No interactive shell if -o is given After r1.140 and r1.144 fixed -o '' and clenaed up option handling, respectively, avoid the "ftp> " shell if any output file was specified. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/12/13 05:14:10 Modified files: regress/usr.bin/ftp: Makefile Log message: remove -o cases; reminded by anton
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/12/12 15:00:43 Modified files: usr.bin/ftp: main.c Log message: Make -o less special, drop -o '' support, always use last value ftp(1) says -o is about a single file/URL, but option handling takes the empty string as "reset previous -o value", which makes little sense, is undocumented and counter-intuitively works as if no -o was specified. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/30 07:52:00 Modified files: usr.bin/ftp: main.c Log message: Single file to stdout without "fattr" Regardless of SMALL and other command flags, 'ftp -o - URL [file|URL ...]' only processes the first URL and exists. Only standard output is written to and modifying 'struct stat' properties as per pledge(2) "fattr" don't apply. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/30 07:51:32 Modified files: usr.bin/ftp: main.c Log message: Fold identical pledge cases, '#ifndef SMALL \n if (!resume)' equals 'else' OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/27 02:29:48 Modified files: usr.sbin/slaacctl: slaacctl.8 Log message: interfacename -> interface to match usage and other manuals; OK florian
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/21 19:20:54 Modified files: usr.bin/ftp: main.c Log message: Piping single file to standard out needs no "proc exec" '-o -' now means no "ftp> " shell, so no "|some cmd" files, "!some cmd" or "page" commands. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/20 10:48:27 Modified files: usr.bin/kdump : Makefile mkioctls Log message: Include to pretty print EFIIOC_* ioctls No base usage yet, only efivar(1) from sysutils/efivar. OK guenther
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/20 10:43:51 Modified files: usr.bin/kdump : Makefile mkioctls Log message: Sort includes, before For/OK guenther
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/15 13:23:19 Modified files: sys/sys: disk.h sys/kern : subr_disk.c Log message: Constify disk_map()'s path argument The disklabel UID passed in is not modified, reflect that and allow callers using 'const char *'. OK miod
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/10 02:17:02 Modified files: bin/ps : ps.1 ps.c Log message: accept numerical user IDs Turn [-U username] into [-U user] to match top(1)/pgrep(1)/fstat(1) -U/-u taking both "root" and "0". Feedback OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 11:54:15 Modified files: bin/pax: ar_io.c pax.c Log message: Tighten pledge in List and Append mode: Drop "wpath cpath fattr dpath" in read-only: - cpio -i -t < test.tar - pax < test.tar - tar -t -f test.tar Drop "cpath fattr dpath" in read-write: - echo foo | cpio -o -A -H ustar -O test.tar - tar -r -f test.tar foo - pax -w -a -f test.tar foo Other modes remain unchanged and thus can create or modify files. Feedback OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 11:19:00 Modified files: usr.bin/ftp: main.c Log message: -C/resume without "proc exec" ftp(1) has "proc exec" to run sh(1) on interactive ! commands and filenames starting with "|"; this is orthogonal to continuing transfers using the existing file size as offsets. There seems to be no case where a) the argument is an URL, i.e. we pledge, and b) a shell is spawned somehow, so avoid these promises when resuming. bsd.port.mk(5) FETCH_CMD uses -C by default. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 08:43:28 Modified files: usr.bin/kdump : kdump.1 kdump.c Log message: Add [-P progam] to filter dumps by basename [-p pid] requires knowing the PIDs beforehand, sieving through big dumps by argv[0] strings is more ergonomic. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 07:26:34 Modified files: sys/arch/sparc64/include: boot_flag.h sys/arch/sparc64/sparc64: autoconf.c sys/arch/sparc64/stand/ofwboot: elf64_exec.c vers.c Log message: Finish clean up of old 6.7 softraid migration code All combos of no/CRYPTO softraid, old/new ofwboot, old/new kernel do boot. OK stsp
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 06:47:28 Modified files: sbin/mount_nfs : mount_nfs.8 Log message: sort .xr after previous; from jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/11/09 05:47:05 Modified files: sbin/mount : mount.8 sbin/mount_nfs : mount_nfs.8 Log message: link to showmount(8); OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/29 05:27:11 Modified files: usr.sbin/relayd: parse.y relay.c relayd.conf.5 usr.sbin/httpd : httpd.conf.5 etc/examples : relayd.conf Log message: Unmention/don't explain SSL, drop 9y old "ssl" keyword/deprecation warning Switch "ssl" to "tls" in relayd.conf(5) if you haven't done so in the last ten years, "ssl" is now an error. Say "TLS" not "SSL/TLS" and drop the primer in the TLS RELAYS section. OK benno
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/20 14:16:43 Modified files: . : macppc.html sparc64.html Log message: use cmdbox for OpenFirmware commands; OK tj
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/20 13:58:16 Modified files: sys/arch/powerpc64/stand/rdboot: cmd.c rdboot.c Log message: Adopt MI re-upgrade prevention In comparison to MI boot which only cares about /bsd.upgrade's x bit, powerpc64 rdboot just wants a regular file. Require and strip u+x before execution to prevent sysupgrade(8) loops. OK kettenis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/20 13:55:50 Modified files: sys/arch/octeon/stand/rdboot: cmd.c rdboot.c Log message: Adopt MI re-upgrade prevention In comparison to MI boot which only cares about /bsd.upgrade's x bit, octeon rdboot just wants a regular file. Require and strip u+x before execution to prevent sysupgrade(8) loops. OK kettenis
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/20 10:49:43 Modified files: faq: faq14.html Log message: Zap obvious/duplicate bits, clarify key disk usage, fix bsd.rd name; OK tj
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/19 12:39:46 Modified files: distrib/notes : m4.common Log message: root disk can be enrypted with a key disk now
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/18 20:43:58 Modified files: distrib/notes : packages Log message: Reduce unpractical package URL to usual package name; OK deraadt This section about ports/packages really wants a revamp, though...
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/18 20:39:06 Modified files: distrib/miniroot: install.sub Log message: Support encrypting the root disk with a key disk Extend the yes/no question to no/passphrase/keydisk and have users pick an existing, preformated RAID partition; no support (yet) for creating one. OK tb afresh1
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/16 09:43:47 Modified files: faq: upgrade74.html Log message: hint at softraid KDF iterations update "seems alright to me" op feedback kmos
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/15 16:36:28 Modified files: faq: upgrade74.html Log message: consistently mark up all occurences of operator and _shutdown
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/15 03:49:57 Modified files: bin/pax: pax.c Log message: Pledge once with or without "proc exec", not twice Spotted while comparing ktraces between 'tar -z' and 'gzcat | tar -f-'. Only the former runs, e.g. gzip(1), but the latter also pledges theses promises just to pledge again immediately afterwards without them. Make the calls mutually exclusive so 'tar -f-' et al. skip the first pledge and thus never have "proc exec" to begin wth. "looks good to me" mbuhl OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/12 06:31:15 Modified files: usr.sbin/sysupgrade: sysupgrade.sh Log message: Remove default sets answer The autoinstall(8) response file contains only non-defaults, except for Set name(s)? (or 'abort' or 'done') [done] done which is the hardcoded default since 2009. Added in 2019 r1.23 "Let sysupgrade(8) create auto_upgrade.conf file [...]" with all others, remove the exception. OK florian
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/11 15:53:22 Modified files: . : 74.html Log message: typofix, add installer changes wrt. arm64 and disk crypto
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/11 11:53:52 Modified files: distrib/amd64/common: install.md distrib/arm64/ramdisk: install.md distrib/riscv64/ramdisk: install.md Log message: Remove dead CRYPTOCHUNK usage install.sub r1.1245 "Ask for disk crypto after root disk question" got rid of global CRYPTO* variables; no functional change.
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/10/08 13:35:55 Modified files: faq: upgrade73.html Log message: add missing command to install puppet server
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/07 06:20:10 Modified files: sbin/bioctl: bioctl.c Log message: Retry on empty passphrase They must not be empty, or else creation/unlock fails (and boot loaders would not be able to abort and drop back to the boot> prompt). [-p passfile] handles this with "invalid passphrase length", so align the interactive prompt and retry there. -s remains a one-shot whilst getting a better error message. This is user friendlier and fixes the last installer "bug" on my list wrt. disk encryption where hitting Enter twice at the passphrase prompt would abort bioctl(8) and thus the installation. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/06 03:55:02 Modified files: sbin/bioctl: bioctl.c Log message: rename pass{word -> file} variable It contains the path to the file containing a passphrase; password reads misleading and was also the only usage of "word" in contrast to consistent "phrase" usage.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/06 03:34:20 Modified files: sys/arch/sparc64/stand/ofwboot: elf64_exec.c vers.c Log message: clean up old 6.7 softraid migration code ofwboot still passes an old/small .openbsd.bootdata size from before 6.7 when boothowto was added. Report the exact size from now on such that a future diff can rectify the corresponding check in autoconf.c:bootstrap(). All this was done to keep old/new bootloaders working with new/old kernels, but 6.7 is long gone and we should all be running current code. OK stsp
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/10/05 05:58:35 Modified files: distrib/notes : m4.common distrib/notes/alpha: features distrib/notes/amd64: features distrib/notes/arm64: features distrib/notes/armv7: features distrib/notes/hppa: features distrib/notes/i386: features distrib/notes/landisk: features distrib/notes/loongson: features distrib/notes/luna88k: features distrib/notes/macppc: features distrib/notes/octeon: features distrib/notes/powerpc64: features distrib/notes/riscv64: features distrib/notes/sparc64: features Log message: Mention the option to encrypt the root disk on supported architectures with miod
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/09/21 06:11:34 Modified files: sys/arch/powerpc64/conf: RAMDISK Log message: enable softraid(4) in ramdisk No boot support as per manual, but it already has bio(4) and bioctl(8); complete enable use of software RAID. OK, run-tested gkoehler
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/09/18 04:50:54 Modified files: . : events.html Log message: merge 2023 entries
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2023/09/18 04:27:29 Modified files: . : events.html Added files: papers : eurobsdcon2023-kn-installer.pdf Log message: EuroBSDCon 2023 is over, add my slides
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/09/08 14:47:23 Modified files: sys/arch/amd64/include: biosvar.h sys/arch/amd64/amd64: machdep.c Log message: Clean up old console bootargs 7.3 is long gone, you must have new bootloaders and new kernels. Zaps both condition and else block, unindent and merge lines where fit. Feedback OK kettenis Tests OK denis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/09/02 04:18:45 Modified files: usr.sbin/dhcpd : dispatch.c Log message: Fix comment about skipped interfaces After r1.44 "Start on DOWN interfaces" this sentence makes no sense and just repeats the obvious conditions, so zap it. With/OK stsp
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/09/02 03:14:47 Modified files: sbin/bioctl: bioctl.8 bioctl.c Log message: Use a hardware based number of KDF rounds by default for passphrases When creating new crypto volumes with a passphrase or updating one, pick a number of rounds that aims to take around 1s instead of just 16 (on X230 and T14 machines, 16 rounds unlock pretty much instantly). New default [-r auto] never decreases rounds, only explicit '-r N' can. 16 is the absolute minimum. Motivation is to provide a saner and more modern default, especially for fresh installations utilizing new disk encryption question. Prodding for new default from and OK jsing on early "-r auto" installer diff idea to to pick MAX(auto, old-rounds) from Lucas[AT sexy DOT is] "seems acceptable to me" deraadt Feedback kettenis sthen OK op
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/30 11:40:08 Modified files: regress/sbin/bioctl: Makefile Log message: cover failure on insecure passfiles
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/30 11:21:40 Modified files: regress/sbin/bioctl: Makefile Log message: exercise [-p passfile] (this is not a keydisk)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/30 10:45:57 Modified files: regress/sbin/bioctl: Makefile Log message: verify that the number of rounds does not decrease
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 12:56:07 Modified files: regress/sbin/bioctl: Makefile Log message: cover force recreation (with smallest non-default number of rounds) The idea is for a later diff to inspect -v output wrt. chosen number of rounds in order to a) test -r behaviour and b) confirm that '-Cforce -rN' that a value has been recreated (output is identical for attach an create).
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 11:55:51 Modified files: regress/sbin/bioctl: Makefile Log message: rename target to reflect reality Volumes can be recreated, but the same chunk cannot be used twice. This is what '-C force' is for.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 10:58:14 Modified files: regress/sbin/bioctl: Makefile Log message: = ought to be += in previous
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 09:59:38 Modified files: regress/sbin/bioctl: Makefile Log message: cover expected failures for volume recreation and the empty passphrase
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 08:33:55 Modified files: distrib/miniroot: install.sub Log message: No need to make_dev() existing root device in disk crypto question Since r1.1245 encrypt_root() happens immediately after get_rootinfo(). the latter creates device files for the root disk (and aborts if make_dev() fails), so encrypt_root()'s call on the softraid chunk is purely redundant. Hoist _chunk definition into declaration while here.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 08:25:22 Modified files: regress/usr.sbin/installboot: Makefile Log message: most tests need root, add targets using ${SUDO} to REGRESS_ROOT_TARGETS
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 02:59:18 Modified files: distrib/miniroot: install.sub Log message: Remove retry loop crutch around disk passphrase prompt bioctl(8) now retries itself on mismatch so the installer continues until the passphrase is confirmed correctly (like for the root password) instead of bailing out after three failed attempts.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 02:33:11 Modified files: sbin/bioctl: bioctl.8 bioctl.c Log message: Retry passphrase on mismatch by default Gracefully prompt again during interactive creation and passphrase change on CRYPTO/1C volumes when confirmation fails instead of exiting, so bioctl(8) behaves more like passwd(1) in this regard. Use -s aka. non-interactive scripting mode to try just once. Input OK jsing op
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/21 02:13:37 Modified files: sbin/bioctl: bioctl.c Log message: Print softraid(4) errors on standard error INFO messages remain on stdin, WARN/ERROR go to stderr as usual to make silencing and scripting bioctl(8) easier. OK op jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/20 17:19:00 Added files: regress/sbin/bioctl: Makefile Log message: First tests for bioctl(8), start with scripted creation + passphrase change These are meant for CLI bits like passphrase hashing, error handling and interactive vs. scripted behaviour. regress/sys/dev/softraid/ and stuff like regress/usr.sbin/installboot/ already test specific softraid(4) disciplines and disk handling.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/20 16:38:49 Modified files: regress/usr.sbin/installboot: Makefile Log message: stricter devname match on bioctl(8) output avoids false positives on failure
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/20 16:00:36 src/regress/sbin/bioctl Update of /cvs/src/regress/sbin/bioctl In directory cvs.openbsd.org:/cvs.d/hack/kn/src/regress/sbin/bioctl Log Message: Directory /cvs/src/regress/sbin/bioctl added to the repository
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/18 08:10:33 Modified files: bin/md5: cksum.1 md5.1 Log message: use imperative tense consistently; OK jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/18 08:09:19 Modified files: sbin/bioctl: bioctl.8 bioctl.c Log message: Make -s read passphrases without prompts or confirmation -s for non-interactive usage disables prompts, but still silently expects two inputs, which is neither intuitive nor ergonomic. Fix this get sane scriptable behaviour and documentation. Feedback OK jsing op
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/14 02:56:21 Modified files: distrib/special/bioctl: Makefile distrib/special/chmod: Makefile distrib/special/dhcpleased: Makefile distrib/special/disklabel: Makefile distrib/special/fdisk: Makefile distrib/special/fsck: Makefile distrib/special/fsck_ext2fs: Makefile distrib/special/fsck_ffs: Makefile distrib/special/fsck_msdos: Makefile distrib/special/ksh: Makefile distrib/special/ln: Makefile distrib/special/mknod: Makefile distrib/special/mount: Makefile distrib/special/mount_cd9660: Makefile distrib/special/mount_ext2fs: Makefile distrib/special/mount_ffs: Makefile distrib/special/mount_msdos: Makefile distrib/special/mount_nfs: Makefile distrib/special/mount_udf: Makefile distrib/special/newfs_ext2fs: Makefile distrib/special/newfs_msdos: Makefile distrib/special/pdisk: Makefile distrib/special/reboot: Makefile distrib/special/resolvd: Makefile distrib/special/route: Makefile distrib/special/slaacd: Makefile distrib/special/sync: Makefile distrib/special/umount: Makefile Log message: zap useless MAN bits distrib/special/Makefile.inc sets MAN= NOMAN=1, thus setting MAN* in distrib/special/*/Makefile is useless; no manuals in the installer. disklabel(8) and fdisk(8) remain exceptions with their NOMAN handling as they embed their manual for use with interactive commands. OK miod
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/10 11:09:34 Modified files: distrib/miniroot: install.sub Log message: Always create new softraid CRYPTO volume, do not reuse existing one The bioctl(8) command to create new and unlock old volumes is the same. Use `-C force' to prevent reuse, which happens with, e.g. aborted/restarted encrypted installations past the question or installations onto an old disk. OK naddy sthen deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/10 01:50:45 Modified files: usr.sbin/ldomctl: ldomctl.c Log message: Make stopped ldom utilization appear as zero ldomctl(8) 'status' updated the value only on running guests, i.e. stopped ones repeated the last ones instead of showing zero. Always reset per guest before updating it, From Koakuma, thanks!
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/08/02 02:51:16 Modified files: distrib/miniroot: install.sub Log message: Simplify disk encryption question The yes/no question was mistaken as actual passphrase prompt and/or details in parentheses were taken as option list (despite the lack of commas). Unmention the only disk encryption mechanism we support and simply ask whether to protect the root disk with a passphrase or not (still yes/no). Prodded by solene, feedback from many Wording from naddy, similar wording from sthen OK naddy sthen deraadt afresh1
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/25 08:51:38 Modified files: distrib/special: Makefile Removed files: distrib/special/dhclient: Makefile Log message: stop building unused dhclient replaced by dhcpleased in 2021, no install media ships dhclient anymore. OK florian
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/23 17:42:03 Modified files: bin/ksh: main.c var.c distrib/special/ksh: Makefile Log message: avoid MAIL* environment variables to save a few bytes in install media ksh(1) MAIL, MAILCHECK, MAILPATH mbox handling is useless in the installer. OK miod deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/23 17:21:19 Modified files: sbin/mount : mount.c distrib/special/mount: Makefile Log message: use SMALL to save a shave mfs and tmpfs bits in install media RAMDISK* has MFS and TMPFS disabled, so the installer can't use them. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/15 17:01:25 Modified files: share/man/man9 : namei.9 Log message: sync with ; 'looks good' deraadt Document missing struct nameidata members and fix one member's const-ness. Add REALPATH flag from 2019.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/08 09:01:09 Modified files: distrib/miniroot: install.sub Log message: Floppies don't have bioctl(8) The installer always checks for softraid using it, skip if unavailable. Apply the usual idiom in encrypt_root() to silence stderr noise. Do so in do in get_softraid_chunks() as well which is always called in get_dkdevs_unitialized() and finish_up(); get_softraid_chunks() discards stderr and both users still do the right thing on bioctl failure/empty output from get_dkdevs_unitialized(), but there's no point in trying plus the idiom clarifies how this code is indeed used on floppies. Found and tested by krw OK deraadt krw
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/06 15:08:50 Modified files: sbin/bioctl: bioctl.8 Log message: Rectify -s lie -s to read passphrases from stdin can indeed be used for creation. OK jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/06 14:53:53 Modified files: share/man/man9 : refcnt_init.9 Log message: missed refcnt_init_trace in NAME
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/06 14:51:31 Modified files: share/man/man9 : refcnt_init.9 Log message: Document dt(4)'s refcnt_init_trace "yes please" mvs Input jca
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/06 13:46:53 Modified files: sys/sys: refcnt.h sys/net: if_ethersubr.c sys/netinet: if_ether.h sys/dev/dt : dt_prov_static.c Log message: use refcnt API for multicast addresses, add tracepoint:refcnt:ethmulti probe Replace hand-rolled reference counting with refcnt_init(9) and hook it up with a new dt(4) probe. OK mvs Feedback OK bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/05 06:58:55 Modified files: sys/arch/amd64/amd64: trap.c Log message: Drop kernel lock before panic to avoid WITNESS report during fault holding a spinlock, eg. malloc's malloc_mutex in "Data modified on freelist ..." triggers "acquiring blockable sleep lock with spinlock or critical section held" since kpageflttrap() grabs the kernel lock before fault() to serialise multiple threds/faults avoid interleaved console text. But fault() immediately sets the per-CPU panic string, so the kernel lock does not really help here. Use 'show panic' to recover from garbled console text if need be, as usual. The i386 equivalent does not use the kernel lock, either. OK bluhm kettenis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/03 09:52:51 Modified files: sys/net: if_ethersubr.c Log message: use consistent queue(9) example for LIST removal; OK bluhm mvs
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/07/03 01:40:52 Modified files: sys/dev/pv : if_vio.c Log message: typofix lladdr in function names; OK deraadt jan