OpenBSD/src pd6sEJlsys/kern subr_pool.c

   pool: Check early that we can sleep

   Check early that we actuallly are in a sleepable context in pool_get().
   There is an equivalent check in malloc().

   from jsg@, ok jca@
VersionDeltaFile
1.242+4-1sys/kern/subr_pool.c
+4-11 files

OpenBSD/src Kbf2ctTdistrib/sets/lists/base md.macppc, distrib/sets/lists/comp clang.macppc

   sync
VersionDeltaFile
1.30+233-74distrib/sets/lists/comp/clang.macppc
1.1053+3-3distrib/sets/lists/base/md.macppc
+236-772 files

OpenBSD/src QmToamgusr.sbin/rpki-client x509.c

   rpki-client: add experimental support for P-256 TA keys

   This reuses a subset of the checks in cert_check_spki() and passes regress.
   It will make sure we revisit this if we add support for other key types and
   resolves an XXX (while adding another one).

   discussed with job
VersionDeltaFile
1.117+42-8usr.sbin/rpki-client/x509.c
+42-81 files

OpenBSD/src s0WpUSyusr.sbin/rpki-client filemode.c

   rpki-client: add more smarts to filemode file type detection

   If the file extension doesn't indicate what file type we have, attempt to
   parse the file's content as DER for CMS content, a cert or a CRL. For CMS
   we can check if we deal with signedData and inspect its eContentType.

   h/t jsing
   ok job
VersionDeltaFile
1.67+78-1usr.sbin/rpki-client/filemode.c
+78-11 files

OpenBSD/src 59RG8kzusr.sbin/rpki-client cert.c

   Don't check filename<>SIA matches in filemode

   As this gets in the way of filemodes' file type autodetection

   OK tb@
VersionDeltaFile
1.204+2-9usr.sbin/rpki-client/cert.c
+2-91 files

OpenBSD/src c2SeFmNusr.sbin/rpki-client extern.h cert.c

   Extern all the ASN1_OBJECTs in extern.h, not in the .c files

   ok job
VersionDeltaFile
1.256+20-1usr.sbin/rpki-client/extern.h
1.203+1-9usr.sbin/rpki-client/cert.c
1.54+1-5usr.sbin/rpki-client/cms.c
1.84+1-3usr.sbin/rpki-client/roa.c
1.40+1-3usr.sbin/rpki-client/rsc.c
1.13+1-3usr.sbin/rpki-client/spl.c
+25-246 files not shown
+31-4212 files

OpenBSD/src zmT8DgIusr.bin/mandoc term.c

   Fix a regression introduced in rev. 1.152:
   Initialize the right variable (max_sz, not this_sz).
   Caught by jsg@ with smatch, which correctly complained:
   term_strlen() error: uninitialized symbol 'max_sz'.
VersionDeltaFile
1.154+2-2usr.bin/mandoc/term.c
+2-21 files

OpenBSD/src PVQxW9Jsys/dev/pv virtio.c if_vio.c

   virtio: Allow DMA mem above 4G

   Allow to use memory above 4G on amd64 for virtio rings and
   descriptors. This may reduce pressure on dma-able memory a bit.

   For the virtio ring address, virtio 0.9 has a 2^44 limit. Use
   bus_dmamem_alloc_range there.

   With input from kettenis@
   ok mlarkin@
VersionDeltaFile
1.38+11-5sys/dev/pv/virtio.c
1.71+7-5sys/dev/pv/if_vio.c
1.37+7-5sys/dev/pv/vioscsi.c
1.46+6-4sys/dev/pv/vioblk.c
+31-194 files

OpenBSD/src QsoSkjssys/dev/pci if_mwx.c

   Remove a double space
VersionDeltaFile
1.7+2-2sys/dev/pci/if_mwx.c
+2-21 files

OpenBSD/src KaIwHGiusr.sbin/rpki-client main.c io.c

   Split io_read_str() in two. One version that requires a string (default)
   and one that allows optional strings (aka NULL pointers).

   Also split io_str_buffer() in two. To enforce that we don't pass a NULL
   pointer in a place where we don't expect a NULL pointer.
   On top of this just error out in io_read_buf() if the sz passed in is 0.

   Adjust all io_read_str() calls to follow this. This way it is obvious
   where we accept a NULL as a string pointer.
   OK tb@ job@
VersionDeltaFile
1.290+20-18usr.sbin/rpki-client/main.c
1.29+28-3usr.sbin/rpki-client/io.c
1.202+15-16usr.sbin/rpki-client/cert.c
1.41+10-4usr.sbin/rpki-client/rrdp.c
1.42+4-7usr.sbin/rpki-client/tal.c
1.78+5-6usr.sbin/rpki-client/repo.c
+82-544 files not shown
+98-6710 files

OpenBSD/src NWIHtN4regress/sys/netinet/tcpstate tcp_syncache.py tcp_synsent.py

   Check that SYN+ACK packets are retransmitted from the SYN cache.
VersionDeltaFile
1.1+81-0regress/sys/netinet/tcpstate/tcp_syncache.py
1.2+5-2regress/sys/netinet/tcpstate/tcp_synsent.py
1.3+1-1regress/sys/netinet/tcpstate/tcp_finwait.py
1.4+1-1regress/sys/netinet/tcpstate/tcp_lastack.py
1.4+1-1regress/sys/netinet/tcpstate/tcp_closing.py
1.3+1-1regress/sys/netinet/tcpstate/tcp_established.py
+90-66 files

OpenBSD/src 07VJkXzsys/kern kern_fork.c

   Inherit PS_NOBTCFI at fork(2)

   Else the forked children could get killed by our BTCFI safeguards.
   PS_NOBTCFI is supposed to be set/unset at exec time.

   Spotted by tb@ and landry@ with recent firefox.

   ok claudio@ sthen@ deraadt@ tb@
VersionDeltaFile
1.274+2-2sys/kern/kern_fork.c
+2-21 files

OpenBSD/src HuXWKVlsys/msdosfs bootsect.h

   fist -> first; ok mglocker@ miod@
VersionDeltaFile
1.8+2-2sys/msdosfs/bootsect.h
+2-21 files

OpenBSD/src uyQiM94sys/kern subr_suspend.c

   Better fix for power-button event handling during resume

   Reset resume_time once we have passed the sleep_state() function.
   With this we can keep using the 10 seconds power button timeout
   we had before I bumped it to 15 seconds.

   Suggested by deraadt@
VersionDeltaFile
1.21+3-2sys/kern/subr_suspend.c
+3-21 files

OpenBSD/src WS8no0Zregress/sys/netinet/tcpstate tcp_synsent.py Makefile

   Check that SYN packets are retransmitted in SYN_SENT state.
VersionDeltaFile
1.1+81-0regress/sys/netinet/tcpstate/tcp_synsent.py
1.3+2-2regress/sys/netinet/tcpstate/Makefile
+83-22 files

OpenBSD/src YJFhERWsys/kern sched_bsd.c, sys/sys proc.h

   Instead of resetting p_cpticks in schedcpu() for all procs make
   p_cpticks a constantly increasing counter. schedcpu() then uses
   p_cpticks2 to store the last value. So the count of tick then
   becomes p_cpticks - p_cpticks2 and with both value are only
   updated by a single point. This makes the calculation of p_cpu
   fully MP safe.
   OK mpi@
VersionDeltaFile
1.104+9-8sys/kern/sched_bsd.c
1.394+3-2sys/sys/proc.h
+12-102 files

OpenBSD/src pGg8eposys/arch/arm64/arm64 trap.c

   Avoid decoding instructions when elr isn't pointing into the kernel part
   of the virtual address space.  Use fault() instead of panic() to report
   an attempt to access or execute user space address from the kernel such
   that we preserve more state.

   ok miod@, deraadt@, jca@
VersionDeltaFile
1.54+34-23sys/arch/arm64/arm64/trap.c
+34-231 files

OpenBSD/src jOlsixUusr.sbin/rpki-client parser.c

   Be more precise in the way we batch offload messages from the workq and
   singnal other threads once done.

   OK job@ tb@
VersionDeltaFile
1.167+5-5usr.sbin/rpki-client/parser.c
+5-51 files

OpenBSD/src rNMYuEDsys/arch/arm64/dev rtkit.c

   fix memory leak; ok kettenis@
VersionDeltaFile
1.19+2-1sys/arch/arm64/dev/rtkit.c
+2-11 files

OpenBSD/src 96BQfEosys/net80211 ieee80211.c

   revert 'fix wrong ifmedia macro used to check for IFM_AUTO'; change was wrong

   While IFM_AUTO is indeed in the IFM_SUBTYPE range of the ifmedia word,
   what this check is really trying to find out is whether any bits in
   the IFM_MODE range are set. Those bits indicate whether userland has fixed
   the phy mode to 11a/11b/11g etc. And because IFM_AUTO is zero this check
   works as intended, even though comparing IFM_MODE range values to a value
   declared in the IFM_SUBTYPE range is questionable coding style.
VersionDeltaFile
1.90+2-2sys/net80211/ieee80211.c
+2-21 files

OpenBSD/src 5S5fVtOsys/kern subr_disk.c

   Use a clearer idiom for initializing/using the GPT spoof
   whitelist.

   Tested on sparc64/gcc4 and ok jca@
VersionDeltaFile
1.277+22-28sys/kern/subr_disk.c
+22-281 files

OpenBSD/src Fht4ZBjsys/dev/ic qwx.c, sys/net80211 ieee80211_node.c ieee80211_node.h

   replace ieee80211_iserp_sta() with a check for the 11g xrates info element

   ok phessler@
VersionDeltaFile
1.202+8-30sys/net80211/ieee80211_node.c
1.84+2-2sys/dev/ic/qwx.c
1.96+1-2sys/net80211/ieee80211_node.h
+11-343 files

OpenBSD/src EbvPar0usr.bin/tmux cmd-if-shell.c

   Do not leak on failure, GitHub 4565.
VersionDeltaFile
1.86+2-2usr.bin/tmux/cmd-if-shell.c
+2-21 files

OpenBSD/src LweF6XPsys/dev/fdt qcpas.c

   Fix typo in comment.

   Some jokes from job@ and deraadt@ indicates that they are ok
VersionDeltaFile
1.12+2-2sys/dev/fdt/qcpas.c
+2-21 files

OpenBSD/src wKXgZUrsys/kern sysv_sem.c

   Set the upper boundary of 'kern.seminfo.semopm' variable to
   "(MALLOC_MAX / sizeof(struct sembuf))". Otherwise the greater value
   could exceed the MALLOC_MAX limit and cause panic.

   Reported-by: syzbot+eef7ac9dfe338eeaec7c at syzkaller.appspotmail.com

   ok bluhm deraadt millert jca
VersionDeltaFile
1.65+4-2sys/kern/sysv_sem.c
+4-21 files

OpenBSD/src 9WpMdGMusr.bin/tmux tmux.1

   Fix reverse documentation of display-popup -s and -S, from Ricardo Signes.
VersionDeltaFile
1.1006+4-4usr.bin/tmux/tmux.1
+4-41 files

OpenBSD/src llrXsOuusr.sbin/relayd relayd.c

   For IMSG_BINDANY, bnd.bnd_proc wasn't range checked to ensure it is positive.
   As a result IF the other side of the privsep was succesfully exploited, it
   could then send such a flawed message and cause a cause an array bounds
   violation over the privsep boundary.
   Reported by S. Ai, H. Lefeuvre, Systopia team
   ok claudio
VersionDeltaFile
1.195+2-2usr.sbin/relayd/relayd.c
+2-21 files

OpenBSD/src dnjXKd5usr.sbin/rpki-client tak.c extern.h

   fix comments: draft-ietf-sidrops-signed-tal is now RFC 9691
VersionDeltaFile
1.25+3-3usr.sbin/rpki-client/tak.c
1.254+2-2usr.sbin/rpki-client/extern.h
+5-52 files

OpenBSD/src FWtewTNusr.sbin/rpki-client spl.c

   revert previous. that was the wrong file (the old ROA RFC is still wrong)
VersionDeltaFile
1.12+1-1usr.sbin/rpki-client/spl.c
+1-11 files

OpenBSD/src TTlJbOEusr.sbin/rpki-client spl.c

   rpki-client: refer to SPL RFC, not ROA
VersionDeltaFile
1.11+2-2usr.sbin/rpki-client/spl.c
+2-21 files