OpenBSD/src ikrtDpssys/scsi scsiconf.c scsiconf.h

   Simply logic of detaching things. scsi_detach_bus() folded into
   scsi_detach(), scsi_detach_target() and scsi_detach_lun() become
   simple wrappers of scsi_detach() invocations.

   No intentional functional change.
VersionDeltaFile
1.207+44-53sys/scsi/scsiconf.c
1.170+1-2sys/scsi/scsiconf.h
+45-552 files

OpenBSD/src rQUxFKMsbin/iked iked.conf.5

   Clarify "protected-subnet" option.

   Explain the use of the option (according to the RFC) and make clear it is
   not usually needed for subnets specified in "from" and "to" options.

   ok sthen@
VersionDeltaFile
1.57+8-3sbin/iked/iked.conf.5
+8-31 files

OpenBSD/src KPX3EqDsbin/iked ikev2.c ikev2_pld.c

   Fix conflict when IKE SA and Child SA rekeying happen at the same time.

   If the IKE SA changes during an ongoing rekey exchange, messages may be
   lost because they were inteded for the old SA. An iked instance that is
   waiting for a rekey Child SA response will no longer reply to IKE SA
   rekey requests until the ongoing Child SA exchange has completed or
   timed out.

   ok sthen@
VersionDeltaFile
1.174+10-1sbin/iked/ikev2.c
1.74+10-1sbin/iked/ikev2_pld.c
+20-22 files

OpenBSD/src 9rCFGfhsys/scsi safte.c

   KNF tweak.
VersionDeltaFile
1.54+2-2sys/scsi/safte.c
+2-21 files

OpenBSD/src VvZomhBsys/dev/pci/drm/i915 i915_devlist.h

   sync devlist
VersionDeltaFile
1.10+18-0sys/dev/pci/drm/i915/i915_devlist.h
+18-01 files

OpenBSD/src 3Oxu4uZsys/dev/pci/drm/i915 i915_drv.c i915_drv.h

   drm/i915/cml: Introduce Comet Lake PCH

   From Anusha Srivatsa
   729ae330a0f2e270db2ca70c06a83d0aa2776288 in mainline linux

OpenBSD/src dMn5AaFsys/dev/pci/drm/i915 i915_pci.c, sys/dev/pci/drm/include/drm i915_pciids.h

   drm/i915/cml: Add CML PCI IDS

   From Anusha Srivatsa
   a7b4deeb02b978bc59808cb13c93ba84f01023a4 in mainline linux

OpenBSD/src i2pMmSTusr.sbin/smtpd parse.y

   Assign the filter name to the proc name in the case of proc_exec.
   This gives a more intuitive log-entry for filter stderr output and gets rid
   of the last_dynproc_id.

   "nice" gilles@
VersionDeltaFile
1.258+2-9usr.sbin/smtpd/parse.y
+2-91 files

OpenBSD/src 35mBbfTdistrib/sets/lists/comp mi

   sync
VersionDeltaFile
1.1459+1-0distrib/sets/lists/comp/mi
+1-01 files

OpenBSD/src CqTcgfEusr.sbin/ndp ndp.8 ndp.c

   Honour -n when setting entries

   Just like avoiding reverse lookups when printing entries or not resolving
   hostnames when deleting entries, make -n effect setting entries as well;
   just like pfctl(8)'s -N from which the manual wording was copied verbatim.

   OK deraadt
VersionDeltaFile
1.46+3-2usr.sbin/ndp/ndp.8
1.95+3-1usr.sbin/ndp/ndp.c
+6-32 files

OpenBSD/src 2DzGUsfusr.sbin/smtpd spfwalk.c

   only process records of the expected type.
   fix an issue where CNAME records generate bogus results.

   ok gilles@
VersionDeltaFile
1.12+9-0usr.sbin/smtpd/spfwalk.c
+9-01 files

OpenBSD/src yHzof1Klib/libcrypto/man RSA_new.3

VersionDeltaFile
1.15+54-10lib/libcrypto/man/RSA_new.3
+54-101 files

OpenBSD/src zXnlxZtusr.sbin/sysupgrade sysupgrade.8

   explain in a simpler way when the default is -r and when it is -s;
   triggered by a very different patch from Rashad Kanavath;
   OK florian@
VersionDeltaFile
1.9+4-10usr.sbin/sysupgrade/sysupgrade.8
+4-101 files

OpenBSD/src JwpCk80usr.bin/find find.1

   Use -delete in EXAMPLES

   -delete is part of POSIX since 2001 and tedu added support for it in 2012,
   -print0 however never made it into any standard, so replace this less
   portable idiom with its more concise built-in counterpart.

   Both -print0 as well as xargs(1) -0 explain and reference each other and
   CAVEATS goes into detail with problematic file names, so no information
   is lost by replacing this particular example.

   While here, make the -exec example rm(1) multiple files at once.

   Feedback from claudio tb
   Input and OK millert
VersionDeltaFile
1.97+4-4usr.bin/find/find.1
+4-41 files

OpenBSD/src h9ckow0lib/libcrypto/man X509_get1_email.3 X509_check_host.3

OpenBSD/src vM6B8qzusr.sbin/smtpd util.c

   martijn@ found a regression so revert to the old behavior for now
VersionDeltaFile
1.146+13-2usr.sbin/smtpd/util.c
+13-21 files

OpenBSD/src 1dcyKT2regress/sbin/disklabel 18000.ok 20000.ok

   Default layout for disklabel(8) has changed, /usr became larger.
   Adjust expected values in test.
   reminded by Moritz Buhl

OpenBSD/src ZEtiM1Slib/libcrypto/man X509_new.3

   document X509_dup(3)
VersionDeltaFile
1.21+40-8lib/libcrypto/man/X509_new.3
+40-81 files

OpenBSD/src CxiskFousr.sbin/vmctl main.c

   vmctl(8): fix wrong output when using 'vmctl stop'

   Fix a wrong output when using 'vmctl stop' without any further arguments.

   Patch from Caspar Schutijser, thanks!

   ok deraadt
VersionDeltaFile
1.58+5-2usr.sbin/vmctl/main.c
+5-21 files

OpenBSD/src FlXZ7JEusr.sbin/smtpd util.c smtpd.h

   res_hnok() is too lenient wrt to acceptable domain name in mail addresses.
   replace it with a valid_domainname() check that implements something closer
   to RFC 5321, but still usable in real-life.

   ok gilles@ millert@
VersionDeltaFile
1.145+35-10usr.sbin/smtpd/util.c
1.632+2-1usr.sbin/smtpd/smtpd.h
+37-112 files

OpenBSD/src GCuqF9mdistrib/sets/lists/comp mi

   sync
VersionDeltaFile
1.1458+1-0distrib/sets/lists/comp/mi
+1-01 files

OpenBSD/src opQiIrplibexec/tradcpp place.c directive.c

   update tradcpp to 0.5.3

OpenBSD/src zzVxFpAsys/dev/pci pcidevs_data.h pcidevs.h

   regen
VersionDeltaFile
1.1883+41-33sys/dev/pci/pcidevs_data.h
1.1888+11-9sys/dev/pci/pcidevs.h
+52-422 files

OpenBSD/src 4qCsEBusys/dev/pci pcidevs

   add Intel 100 Series LP eMMC/SDXC from fkr
   add Intel WHL-U Host ids
VersionDeltaFile
1.1895+11-9sys/dev/pci/pcidevs
+11-91 files

OpenBSD/src BHIbT0Gsys/scsi scsiconf.c

   T10/BSR INCITS 503 (SPC-5) is apparently a thing. Update
   version_to_spc() to map the formerly reserved value 0x07 in the
   INQUIRY version field to 5 (a.k.a. SPC-5), instead of 0 (a.k.a. device
   does not claim support for any SPC version).

   Tweak comment for 0x03 mapping to note it means compliance to SPC, not
   SPC-3. Tweak comment for 0x06 mappoing to specify the ANSI INCITS
   513-2005 that documents SPC-4.
VersionDeltaFile
1.206+4-4sys/scsi/scsiconf.c
+4-41 files

OpenBSD/src cKBLgjLregress/usr.bin/ssh/unittests/misc Makefile

   Test did not compile due to missing symbols.  Add source sshbuf-misc.c
   to regress as it was done in ssh make file.
   from Moritz Buhl

OpenBSD/src IoErJzZregress/usr.sbin/rpki-client test-roa.c test-mft.c

   Define the new verbose variable also in the regression sources so
   that the test programs link with the rpki-client object files again.
   from Moritz Buhl

OpenBSD/src SdUrOYzusr.bin/make pathnames.h make.1

   GC some old stuff
   okay millert@
VersionDeltaFile
1.13+2-10usr.bin/make/pathnames.h
1.129+3-8usr.bin/make/make.1
+5-182 files

OpenBSD/src ZrYK5guusr.sbin/ndp ndp.c

   Replace hand-rolled errors with warn(3)

   "Looks good" deraadt millert
VersionDeltaFile
1.94+11-17usr.sbin/ndp/ndp.c
+11-171 files

OpenBSD/src sixCzYasys/arch/arm64/dev acpipci.c

   Don't check _TTP for io windows.

   ok patrick@, jsg@
VersionDeltaFile
1.13+5-3sys/arch/arm64/dev/acpipci.c
+5-31 files

OpenBSD/src qMrsjiXgames/fortune/datfiles fortunes2 fortunes-o.real

   spelling fix and zap a stray line while here;

OpenBSD/src sCWmh0Alib/libcrypto/man X509_check_purpose.3 X509_new.3

OpenBSD/src 7DWPN9xsys/dev/pci auich.c

   do pci_intr_disestablish() and bus_space_unmap() calls if auich_alloc_cdata() fails; ok 
ratchov@
VersionDeltaFile
1.112+17-18sys/dev/pci/auich.c
+17-181 files

OpenBSD/src iMW13GYsys/arch/i386/isa clock.c

   unused variable, after previous commit
VersionDeltaFile
1.56+1-2sys/arch/i386/isa/clock.c
+1-21 files

OpenBSD/src uQf3Qkxdistrib/sets/lists/comp mi

   sync
VersionDeltaFile
1.1457+1-0distrib/sets/lists/comp/mi
+1-01 files

OpenBSD/src mrlWTsRlib/libc/sys sysctl.2, sys/arch/amd64/isa clock.c

   sysctl(2): add kern.utc_offset: successor to the DST/TIMEZONE options(4)

   The DST and TIMEZONE options(4) are incompatible with KARL, so we need
   some other way to compensate for an RTC running with a known offset.

   Enter kern.utc_offset, an offset in minutes East of UTC.  TIMEZONE has
   always been minutes West, but this is inconsistent with how everyone
   else talks about timezones, hence the flip.

   TIMEZONE has the advantage of being compiled into the binary.  Our new
   sysctl(2) has no such luck, so it needs to be set as early as possible
   in boot, from sysctl.conf(5), so we can correct the kernel clock from
   the RTC's local time to UTC before daemons like ntpd(8) and cron(8)
   start.  To encourage this, kern.utc_offset is made immutable after the
   securelevel(7) is raised to 1.

   Prompted by yasuoka@.  Discussed with deraadt@, kettenis@, yasuoka@.
   Additional testing by yasuoka@.

   ok deraadt@, yasuoka@

OpenBSD/src te98gxQusr.sbin/pkg_add package.5

   Remove cdrom mention

   ok espie@
VersionDeltaFile
1.27+3-4usr.sbin/pkg_add/package.5
+3-41 files

OpenBSD/src 5P2XKfcdistrib/miniroot install.sub

   Lower syspugrade timeout to 30 minutes

   The previous mechanism used a single timeout for the entire upgrade which
   was kept when introducing the per-set watchdog.

   Half an hour now seems more sensible to safely catch the biggest sets on
   slow hardware, so avoid needlessly stalling (failed) upgrades for too long.

   OK sthen deraadt
VersionDeltaFile
1.1140+2-2distrib/miniroot/install.sub
+2-21 files

OpenBSD/src S4kFIUssys/arch/mips64/include pmap.h, sys/arch/mips64/mips64 pmap.c context.S

   Fix a race in invalidation of remote TLB entries.

   If a CPU updates a pmap concurrently with the activation of that pmap
   on another CPU, invalidation of TLB entries might be incomplete.
   It is also possible that a CPU altogether stops updating its TLB.

   Prevent the race by synchronizing pmap activations and logic that
   determines where to send TLB invalidation IPIs.

   To avoid mutex wait without ability to process IPIs, the context switch
   code is adjusted to call pmap_activate() with interrupts enabled.
   In practice, interrupts up to IPL_SCHED are still disabled on context
   switch.

OpenBSD/src v0oU5lVlib/libc/sys sysctl.2, sbin/ifconfig ifconfig.8

       Remove support for semantically opace interface identifiers (RFC 7217)
       for IPv6 link local addresses.

       Some hosting and VM providers route customer IPv6 prefixes to link
       local addresses derived from ethernet MAC addresses (RFC 2464). This
       leads to hard to debug IPv6 connectivity problems and is probably not
       worth the effort.

       RFC 7721 lists 4 weaknesses:

       3.1. Correlation of Activities over Time & 3.2. Location Tracking
       These are still possible with RFC 7217 addresses for an adversary
       connected to the same layer 2 network (think conference wifi). Since
       the link local prefix stays the same (fe80::/64) the link local
       addresses do not change between different networks.
       An adversary on the same layer 2 network can probably track ethernet
       MAC addresses via different means, too.

       3.3. Address Scanning & 3.4. Device-Specific Vulnerability Exploitation
       These now become possible, however, as noted above a layer 2 adversary
       was probably able to do this via different means.

       People concerned with these weaknesses are advised to use
       ifconfig lladdr random.
   OK benno
   input & OK kn

OpenBSD/src CZJs1QKsbin/disklabel disklabel.8 editor.c

   Bump /usr on big auto-allocation table; ok krw@ sthen@ phessler@
VersionDeltaFile
1.136+3-3sbin/disklabel/disklabel.8
1.362+2-2sbin/disklabel/editor.c
+5-52 files

OpenBSD/src HxFUReksys/dev/pci vga_pci_common.c, sys/dev/pci/drm/amd/amdgpu amdgpu_devlist.h

   Add simple amdgpu pci id devlist for the ramdisk to determine if
   aperture is needed.  Skip SI/CIK ids as we don't build amdgpu with
   SI/CIK support (radeondrm covers these) and skip VEGA20 ids we
   don't match on as they are flagged AMD_EXP_HW_SUPPORT.

OpenBSD/src RXEOvtisys/dev/pci mfii.c mpii.c

   Trailing whitespace.
VersionDeltaFile
1.61+5-5sys/dev/pci/mfii.c
1.119+2-2sys/dev/pci/mpii.c
+7-72 files

OpenBSD/src 3UsY3Mfsys/arch/amd64/stand/efi32 efipxe.c, sys/arch/amd64/stand/efi64 efipxe.c

   Network-based device paths use Messaging and not Media types.  Thus
   in reality the depth was always -1 which made the compare function
   a No-Op.  Properly check the device path depth value and look for
   the Messaging type instead to find the correct NIC.  This check
   never worked before and was uncovered by the last change.

   Regression noticed by bluhm@

OpenBSD/src xfrCciYsys/dev/ic qla.c, sys/dev/pci qle.c

   Use the defines DETACH_FORCE and DETACH_QUIET when constructing a value
   that will end up in config_detach() flags via scsi_detach_target().

   ok jmatthew@ dlg@
VersionDeltaFile
1.57+5-3sys/dev/ic/qla.c
1.46+5-3sys/dev/pci/qle.c
+10-62 files

OpenBSD/src hsM8cuzsys/arch/arm64/conf GENERIC

   Enable ipmi(4).

   ok deraadt@
VersionDeltaFile
1.110+3-1sys/arch/arm64/conf/GENERIC
+3-11 files

OpenBSD/src 9pAHKGCusr.sbin/rpki-client rpki-client.8

   Adjust manpage. Document -t tal and the new output argument. Also remove
   some of the comments for sections that will never ever be used here.
VersionDeltaFile
1.5+25-18usr.sbin/rpki-client/rpki-client.8
+25-181 files

OpenBSD/src 4TBKKuKusr.sbin/rpki-client main.c output-bgpd.c

   Change the arguments to rpki-client a bit. Instead of listing all TAL files
   as arguments rpki-client will now load the TAL installed in /etc/rpki by
   default. For debug reasons an option -t tal is added to pass in TAL files
   by hand. The argument is now instead the filename of the output file.
   Now `rpki-client roa.conf` will do what you need which is a lot nicer.
   Agreed by deraadt@ job@ to be a step in the right direction.

OpenBSD/src Npr3UGFsys/scsi scsiconf.c scsiconf.h

   scsi_probe_bus() always returns 0. Nobody but scsi_probe() even
   pretended to care. So just make in a void, and explicitly return 0 in
   the appropriate case in scsi_probe().
VersionDeltaFile
1.205+6-6sys/scsi/scsiconf.c
1.169+2-2sys/scsi/scsiconf.h
+8-82 files

OpenBSD/src nf5ugTclib/libcrypto/man X509_cmp.3 X509_digest.3

   New manual page X509_cmp(3) documenting the same public functions
   as in OpenSSL 1.1.1.  I rewrote most of the text for clarity, precision,
   and conciseness and added some additional information.  A few sentences
   from Paul Yang remain.