BSD Commit Log Search

   Backout: Protect IGMP and MLD6 fast timer with rwlock.

   syzkaller found recursive calls with if_maddrlock.  in_addmulti()
   takes the lock, calls igmp_joingroup(), igmp_sendpkt(), ip_output().
   There in_hasmulti() takes the lock again.  Analog for mld6_sendpkt().

   Reported-by: syzbot+9ef22ca02dffcf088cf6 at syzkaller.appspotmail.com
   Reported-by: syzbot+de6bcf8e746b8a631885 at syzkaller.appspotmail.com
   Reported-by: syzbot+c366cf5e7c87ead7f4f7 at syzkaller.appspotmail.com

   Use an iterator in uvmpd_scan_active() to prevent a list corruption.

   Releasing the pageqlock without iterator wasn't safe.

   Suggested some time ago by claudio@, reported by and ok bluhm@

   While it's clear from this man page that it's possible to list all
   encoding with the -l flag, there is no mention of the hidden .metaesc
   option. Also add reference to wskbd and wsconsctl, which can also be
   used to change the keyboard.encoding.

   ok op@

   Protect IGMP and MLD6 fast timer with rwlock.

   Multicast interface addresses for IPv4 and IPv6 get their own per
   interface lock.  Protect the TAILQ if_maddrlist with rwlock
   if_maddrlock.  Also struct in_multi and in6_multi use this lock for
   their state and timer.  Sleeps in malloc and IP output are possible.
   Run IGMP and MLD6 fast timeout with shared instead of exclusive net
   lock.

   Reported-by: syzbot+3dcb7e0d63b11f6f341c at syzkaller.appspotmail.com
   OK mvs@

   fix scan-build dead stores findings

   - httpd.c:533 – q assigned but immediately overwritten in the loop
   - server.c:891 – inrd/inwr assigned, then reassigned, never actually needed
   - server_fcgi.c:678,690 – kv result unused

   OK stsp@

   check_complete: ASN1_LONG_UNDEF is now internal

   Unexport ASN1_LONG_UNDEF

   This is another one of these weird magic values that nothing outside
   of libcrypto uses. Fix a confusing comment in long_i2c() while there.
   The skipping behavior is used in particular for omitting the optional
   length value in the non-standard OpenSSL-specific DHparam() ASN.1
   encoding.

   ok jsing kenjiro

   These files contain both MP and non-MP versions of the shoot functions
   seperated by #else.  The MP versions contain the code from the non-MP
   versions verbatim.  This adds and #ifdef MULTIPROCESSOR into the MP
   versions makes minor adjustments.  This style will avoid future errors.
   I already almost introduced one..

   A better name for the "wait" variable is "targets"; the shoot operation
   targets cpus who need to do shootdowns.

   change tlb_shoot_wait to int, like on i386, because we don't support more
   than 64 cpus (limited by the mask), and definately less than 4 billion
   ok kettenis

   openssl: list SHA-3 digests in help output

   Register sha3-{224,256,384,512} as dgst commands so they appear in
   openssl help. Without this, SHA-3 support is easy to miss and looks
   unsupported from the command line.

   ok tb jsing

   openssl dgst: drop unused cfg.m

   Remove an unused intermediate EVP_MD pointer and assign digests
   directly to cfg.md.

   ok tb joel

   fix scan-build dead stores findings

   OK stsp

   fix missing initialisation

   It is possible that "request_method" is checked without having been
   initialised in line 439.

   OK kirill@ stsp@

   mlkem: clear a few (pointers to) secrets

   The ML-KEM code is doing a pretty poor job at cleaning up secrets it no
   longer needs. This commit clears a few stack-based arrays containing
   secrets or not obviously public information and stack-based structs
   containing pointers to secrets.

   ok jsing kenjiro

   Rename RANK{768,1024} to MLKEM{768,1024}_RANK

   RANK768 and RANK1024 are awfully short and generic names for public
   constants. Before we make it worse with similarly named constants for
   ML-DSA, let's fix this. This follows the naming convention used by the
   other macros in the mlkem code.

   ok kenjiro jsing

   document wipe-all

   relayd: fix dead store and unindent carp_demote_init

   Found by scan-build:
   carp.c:64:7: warning: Although the value stored to 'c' is used in the
   enclosing expression, the value is never actually read from 'c'
   [deadcode.DeadSt ores]
      64 |         if ((c = carp_group_find(group)) == NULL)

   Feedback from Crystal Kolipe and tb@, OK tb@

   copyright++;

   x509.h: annotate why X509_PKEY cannot be made opaque

   unifdef m_copypack() use

   These ifdefs date back to 1990 in CSRG (SCCS rev 7.20).
   m_copypack() never existed in CSRG releases as far as I can tell.

   ok deraadt@ mvs@

   Correct POSIX ISBN.  1-55937-255-9 was mistakenly changed to
   1-55937-266-9 when the page was converted to mdoc in rev 1.15
   ok millert@

   constaints -> constraints

   Remove STABLE_FLAGS_MALLOC

   Formerly used by ASN1_STRING_TABLE_{add,cleanup}() which were removed two
   years ago. Annotate why STABLE_NO_MASK stays: as usual, security/xca ends
   up being the sole consumer of some nonsense. Apparently it needs its own
   reimplementation of ASN1_STRING_set_by_NID(), another removable public API
   that should never have been exposed.

   ok kenjiro

   rpki-client: clean up msgbufs when we no longer need them

   ok claudio

   Require SSE in order to use gcm_{gmult,ghash}_4bit_mmx().

   Contrary to naming, the '"June" MMX version' of gcm_ghash_4bit_mmx() uses
   SSE, while the 'pure-MMX "May" version' does not. This detail got missed
   when I was untangling OPENSSL_IA32_SSE2.

   Found the hard way by Tate Baldwin and Dennis Camera.

   Provide CRYPTO_CPU_CAPS_I386_SSE

   rpki-client: plug a leak in filemode

   When displaying an rsync:// uri, filemode would load the file into the
   buf pointer which is never freed. Surprisingly, various static analysis
   tools fail to notice this.

   ok job

   remove unused ip6_sendredirect extern
   the variable is ip6_sendredirects, which has another extern here

   remove unused tcp_ttl extern, var replaced by ip_defttl in 1993