summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-09-02Nuke TEMPLATE variable and just do it, like amd64/ramdisk_cd does.Kenneth R Westerback
ok deraadt@
2022-09-02Nuke variable partlba that is set but not used.Kenneth R Westerback
2022-09-02Relax GTP header validity check by allowing 1 sector size usableKenneth R Westerback
LBA area (gh_lba_start == gh_lba_end) and allowing either or both of gh_lba_start and gh_lba_end to exceed the size of the disk the GPT currently inhabits. Reduces false negatives and inappropriate fall through to MBR spoofing and allows repair of otherwise valid GPT.
2022-09-02Simplify and clean up the ecdsa test a little. Use stdio instead of BIOTheo Buehler
for output, use 'err' as a label and avoid some silly repetitions.
2022-09-02Retire old SHA testsTheo Buehler
The old tests were incomplete, some of them had no license and the code quality was questionable. The new tests by Joshua Sing cover what they did (and additionally SHA-224 and SHA-384). Many thanks!
2022-09-02Unhook old SHA testsTheo Buehler
2022-09-02Add tests for 1 million repeated "a"Theo Buehler
From Joshua Sing
2022-09-02syncJonathan Gray
2022-09-02drm/i915: Add new ADL-S pci idJonathan Gray
From Jose Roberto de Souza in drm-intel-next
2022-09-02regenJonathan Gray
2022-09-02sync Intel ADL-S devices with Mesa gitJonathan Gray
adds 0x468b, removes 0x4691
2022-09-02Now that boot blocks are able to parse ufs2, there is no need to force ufs1Miod Vallat
for the / file system. Brings landisk into the wonderful world of y2k38 compliance.
2022-09-02Add UFS2 support, with libsa for boot and with a specific ufs-and-ufs2-in-oneMiod Vallat
flavour for xxboot, due to its size constraints.
2022-09-02Add ufs2 to the list of filesystem, for the sake of boot blocks which do notMiod Vallat
provide an explicit list of files to build in libsa.
2022-09-02Remove non-_KERNEL code path for division by zero. This will allow theMiod Vallat
bootblocks to shrink a little.
2022-09-02Write /etc/resolv.conf in a more atomic manner.Florian Obser
There were few reports were /etc/resolv.conf would lose user-managed lines, possibly caused by a system crash. While here add a call to fsync(2) which might also help. input otto input & OK deraadt, kn
2022-09-02Get the retguard region's phys address from pmap, instead of using linkerMike Larkin
script symbols. This is needed since we don't have those symbols on all archs where we want hibernate. ok kettenis, and input and help from miod.
2022-09-02Add softraid(4) RAID 1C boot supportKlemens Nanni
Equivalent of sys/arch/arm64/stand/efiboot/softraid_arm64.c r1.4: (commitid: Ka484R3swI5xSRWO) "Add softraid(4) RAID 1C boot support". Tell the boot loader to decrypt 1C like C volumes and check the number of disks in 1C like in 1C volumes -- no new code rquired. Tested on T4-2 guest domains "Looks reasonable" kettenis OK stsp NB: While kernel and boot loader support root on softraid on sparc64, installboot(8) still needs a pending fix for installations on multi-chunk softraid volumes. Until then, the usual installation process will fail on 1C volumes and requires manual fixup.
2022-09-02Adopt a terser specification of an MBR partition table ofKenneth R Westerback
64 zeros, suggested by miod@ a while ago. ok mlarkin@
2022-09-02Make newer mime type definitions take precedence over existing ones.Sebastian Benoit
Patch from Ben Fuller <ben -AT- bvnf -DOT- space>, helped along by florian@ ok florian@ and some mumblings from claudio who does not want okays in httpd.
2022-09-02openpty() family of functions use /dev/ptm PTMGET to open a master+slave fdTheo de Raadt
pair, and also provides their names. Internally, 3 NDINIT+namei operations access /dev/[tp]ty[p-zP-T][0-9a-zA-Z], of these 2 followed unveil restrictions. I argue if you unveil /dev/ptm, (and not the 372 other nodes), you still want openpty() to provide you with working fd's, and the names, which the caller will probably never open manually, because the fd's are given. So change all NDINIT to use KERNELPATH, bypassing unveil. ok semarie
2022-09-02The sysORTable doesn't have 10 entries anymore.Martijn van Duren
Adjust the test for now to -Cr4, which isn't exactly in the spirit of the test but fixes things for now. Now that we have agentx I should write a backend with more predictable output to make regress more stable. pointed out by anton@
2022-09-02Use a shorter system call invocation template for system calls in the rangeMiod Vallat
0-127, where immediate addressing can be used to load the system call number in r0, rather than performing a memory load using pc-relative addressing. No functional change, but rm(1) runs a couple cycles faster per file now.
2022-09-02sk-usbhid: fix key_lookup() on tokens with built-in UVDamien Miller
explicitly test whether the token performs built-in UV (e.g. biometric tokens) and enable UV in that case. From Pedro Martelletto via GHPR#388
2022-09-01Zap IRR RFC reference for the 'bgpctl irrfilter' command which was ↵Job Snijders
deprecated in 6.6
2022-09-01vmm(4): send all port io emulation to userlandDave Voutila
Simplify things by sending any io exits from IN/OUT instructions to userland instead of trying to emulate anything in the kernel. vmm was sending most pertinent exits to vmd anyways, so this functionally changes little. An added benefit is this solves an issue reported by tb@ where i386 OpenBSD guests would probe for a pc keyboard repeatedly and cause excessive vm exits. (The emulation in vmm was not properly handling these port reads.) While here, make the assignment of the VEI_DIR_{IN,OUT} enum values not assume the underlying integer the compiler may assign. ok mlarkin@
2022-09-01whitespaceMike Larkin
2022-09-01Add forest (-f) modeJob Snijders
In -f mode group & display parent/child process relationships using ASCII art. Borrows heavily from Brian Somers' work on FreeBSD ps(1). With input from deraadt@ and tb@ OK benno@ claudio@
2022-09-01ugly whitespaceTheo Buehler
2022-09-01Move PRU_CONNECT2 request to (*pru_connect2)().Vitaliy Makkoveev
ok bluhm@
2022-09-01syncStuart Henderson
2022-09-01change part of entry description for tf from "cat" to "C/A/T";Jason McIntyre
from josiah frentsos
2022-09-01Fill the gaps for armv7, powerpc64 and riscv64Klemens Nanni
These still fail early on due to the opendev(3)/diskmap(4) race condition, so only hook them up after the kernel is fixed. Note to self: some distrib/${MACHINE}/ramdisk/install.md pass explicit newfs(8) flags -- this might be needed here; test once all the relevant kernel and installboot(8) bugs are squashed and this regress suite can be run normally.
2022-09-01whitespaceMike Larkin
2022-09-01d_bbsize and d_sbsize are entirely absent from the tree.Kenneth R Westerback
Rename them d_spare2 and d_spare3. ok otto@ as part of larger diff
2022-09-01fix unveil(2) in vmctl(8), unix socket needs :w:Sebastian Benoit
ok mestre@ martijn@
2022-09-01Update awk to Aug 30, 2022 version.Todd C. Miller
Various leaks and use-after-free issues plugged/fixed.
2022-09-01Check sk_SSL_CIPHER_push() return valueTheo Buehler
CID 24797 ok jsing
2022-09-01Add privilege separation to snmpd.Martijn van Duren
This uses the just imported snmpd_metrics as a new (agentx-based) backend. Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions registered by these binaries as authorative, so that no other agentx backends can overwrite them. The snmpe process is now pledged "stdio recvfd inet unix". This removes quite a few entries from the sysORTable, but the current entries are non-compliant anyway and should be completely revisisted at a later time. Reduces the time for a full walk by about a factor of 4, bringing us close to the original speed before application.c was introduced. General design discussed with claudio@ Tested by and OK sthen Release build test and OK tb@
2022-09-01add checks that unveil() is doing the right thing irt. bind() and connect()Sebastian Benoit
2022-09-01Hook up snmpd_metricsMartijn van Duren
OK tb@, sthen@
2022-09-01Import snmpd_metrics.Martijn van Duren
This contains snmpd's mib.c (and friends) adjusted for libagentx. This standalone binary is to be used by snmpd to achieve privilege separation. If people need net-snmpd, but want some of the base snmpd metrics they can start this binary as a normal daemon and connect to net-snmpd's agentx socket. Tested, Feedback, and OK sthen@ Release build test, and OK tb@
2022-09-01Link sha test to regressTheo Buehler
2022-09-01Add a nicely licensed, table-driven test for SHATheo Buehler
This tests covers the NIST vectors for SHA-{1,224,256,384,256} and will soon be able to replace the old SHA tests entirely. From Joshua Sing <joshua () hypera ! dev>
2022-09-01Drop support for unused attributes 'bs' (d_bbsize) and 'sb'Kenneth R Westerback
(d_sbsize). ok otto@ as part of larger diff
2022-09-01Stop setting d_bbsize and d_sbsize. Nobody has paidKenneth R Westerback
any attention for some time. ok otto@ as part of larger diff
2022-09-01Nuke comment about not using d_sbsize.Kenneth R Westerback
ok otto@ as part of larger diff
2022-09-01d_bbsize and d_sbsize have become write-only fields.Kenneth R Westerback
No need to set them or check that they are set. ok otto@ as part of larger diff
2022-09-01At the moment unveil(2) doesn't check the path for bind(2) or connect(2).Martijn van Duren
This is about to change and connect(2) will require "w", not "r". OK deraadt@ florian@ mestre@
2022-09-01Switch the rde_peer hashtable and peer list to a single RB tree.Claudio Jeker
Only the RDE used a hashtable for lookups while the session engine switched from a list to RB tree some time ago. Use peer_foreach() in the mrt code instead of passing the peer list as an argument. OK benno@ tb@