Slightly iprove a confusing wording in the parse.y manuals:
The things that need quoting are not necessarily "argument names",
and not even necessarily "names" at all, so just talk about "arguments".
"I guess?" florian@ and no objection from otto@, both back in July 2025.
Actually, the quoting rules are more complicated than the text makes
believe, but i do not know how to better describe them. It may not be
easy because some suspect the implementation may be somewhat adhoc
rather than based on cleary defined lexical rules.
Delete duplicate SEE ALSO entry: lstat(2) is documented in the same
manual page as stat(2), and will almost certainly always be,
so having SEE ALSO pointers to both was gratuitiously wordy.
Avoid statement that was misleading by being overly specific:
without -T, the format of the last modification column varies.
Being less specific is actually better because that indicates
to the reader that it's intended for human consumption, and that
trying to parse it programmatically is likely not a good idea.
Issue reported by Jan Stary <hans at stare.cz> on tech.
Patch by me, OK sthen@.
Rewrite ec_point_cmp()
This removes some complications due to handling the fast path for affine
points and general points at the same time. The result is a bit more code
but both paths should be much easier to follow.
ok jsing kenjiro
mlkem: fix mklem_{generate_key,encap}_external_entropy() declarations
The prototypes used sized arrays appropriate only for MLKEM768 while the
declarations used pointers. For some reason clang doesn't flag this but
gcc does. In any case it was wrong. The callers of these functions check
that they pass in the correct size. Which is weird but the mlkem directory
has an unbelievable amount of mess and bad code.
found by/ok jsing
mlkem: garbage collect the unusd mlkem_{generate_key,encap}()
These are flagged by more recent gcc since declarations and definitions
don't match (sized array vs pointer). Also an array was checked for NULL.
found by/ok jsing
stub 'time' command; OK miod
octeon (like loongson at least) lacks clock code and thus the 'time'
command besides MD boot* manuals.
Since unsupported commands are treated as file names and explicit
kernels overrule any /bsd.{boot,upgrade} fallback in general,
this causes sysupgrade to not kick in until boot.conf is fixed:
>> OpenBSD/octeon BOOT 1.5
upgrade detected: switching to /bsd.upgrade
failed to load kernel sd0a:time: No such file or directory
will try /bsd
boot>
NOTE: random seed is being reused.
booting sd0a:/bsd
Make 'time' do nothing and return success to ensure it doesn't effect
subsequent execution.
prune previous libLLVM; OK jca deraadt
Reclaiming ~10% of that gigabyte sysupgrade now wants in /usr/ seems nice:
octeon -r--r--r-- 1 root bin 106M Apr 14 2025 /usr/lib/libLLVM.so.8.0
amd64 -r--r--r-- 1 root bin 82.6M Jun 10 2025 /usr/lib/libLLVM.so.8.0
distrib/sets/lists/base/md.* shows macppc as last arch to switch to 9.0
(even bigger) on 01.08.25, so nothing should use old libs anymore by now.
Check absoloute free space rather than usage percentage
10% on big (single filesystem) disks can still be plenty enough;
on the flip side, e.g. 10% of 3G /usr is often still too tight.
So instead of ">= 90% used", use "< 1G free" to bail out early.
Input OK sthen
Provide LIBRESSL_USE_.*_ASSEMBLY defines.
Make life easier for portable by providing LIBRESSL_USE_.*_ASSEMBLY
defines, which enable/disable assembly for a specific algorithm. This
means that selected platforms can include the assembly files and specify
a define, rather than having to try to patch the crypto_arch.h headers.
Discussed with tb@
Replace MD5_ASM with function specific defines.
Use the same pattern that is now used for most other code - provide
HAVE_MD5_BLOCK_DATA_ORDER and use this to selectively enable source code.
Replace GHASH_ASM with function specific defines.
Use the same pattern that is now used for most other code - provide HAVE_*
defines for functions and use these to selectively enable source code.
Use .section before .rodata to appease gas.
gas dislikes bare .rodata - add .section before .rodata to make it happier
(LLVM does not care and is happy with either). For consistency, do the same
with .text.
Inflate gzip compressed CCR files on the fly in filemode
Turns out CCR data is highly compressable (~50% reduction with gzip).
Filemode recognizes compressed files by the .gz filename extension and
handles those transparently, i.e. 'rpki-client -jf *.ccr.gz *.mft.gz'
will output the hash identifier for a given file's uncompressed form.
OK tb@
asn1t.h: whitespace tweaks
Add missing space after commas, shorten a couple comments in structs,
reflow weirdly wrapped long comments and improve the random line
breaks in typedefs and prototypes.
un-ifdef i8259
We don't need different code variants for the legacy PIC. Just keep the
default variant and remove lots of #ifdefs
always defined:
ICU_HARDWARE_MASK
never defined:
ICU_SPECIAL_MASK_MODE
AUTO_EOI_1
AUTO_EOI_2
PIC_MASKDELAY
MASKDELAY
REORDER_IRQ
ok kettenis@ hshoexer@
bcmsdhost: Set bus clock after reset
The host reset during attach nukes SDCDIV that the bus clock setup has
initialized right before. Reorder to keep the correct value in SDCDIV.
ok kettenis@
In SEV-ES mode, guest userland is allowed to execute the vmgexit
instruction, although it has no control over the GHCB. Therefore,
it is important that the GHCB does not contain a valid request after
use.
In all "vmgexit paths" the GHCB is cleared by ghcb_sync_in() (it
calls ghcb_clear()) after returning from the hypervisor back into
the guest.
However, in _ghcb_mem_rw() I missed this when requesting MMIO writes
from the hypervisor. The diff below corrects this.
I want to keep this pattern in all vmgexit paths:
ghcb_sync_out
vmgexit
ghcb_verify_bm
ghcb_sync_in
[4 lines not shown]
As vmd(8) direct kernel launch now uses 32-bit legacy mode (with
paging disabled) we do not need the 64-bit #VC handling in locore0
anymore.
ok mlarkin@
