| Age | Commit message (Collapse) | Author |
|---|
|
directory while developing and debugging. Should help prevent accidentally
testing against unchanged installed sshd-auth and sshd-session binaries.
ok djm@
|
|
where this isn't safe (which it's not required to be). ok djm@
|
|
|
|
|
|
|
|
|
|
reported by kirill@
|
|
allocate the uarea with zeroed pages using km_alloc(9). Adjust the amd64
code that creates a guard page at the top of the kernel stack to use
pmap_kremove(9) instead of pmap_remove(9) to reflect that the uarea no
longer uses "managed" pages.
ok mpi@
|
|
effectively infinite).
|
|
|
|
available in mode 1, from Stanislav Kljuhhin, GitHub issue 4188.
|
|
|
|
From Nir Lichtman
|
|
anton@ and syzkaller have trouble with it.
|
|
ok kettenis@
|
|
|
|
|
|
From Nir Lichtman
|
|
vm_maps have a "feature" where they can mark that they're being
operated on by a specific proc, and then release the rwlock protecting
their state. to relock, you have to be the same proc that marked
it busy.
this diff tries to simplify it a bit. it basically has threads check
the busy field up front and rechecks the busy field inside the
rwlock. if you can sleep, it will sleep up front for the busy field
to become clear, rather than sleep on either the busy field or the
rwlock. some code paths clear the busy field without holding the
rwlock, so it doesn't make sense to me to be waiting for the busy
field but sleeping somewhere else.
ok claudio@ mpi@
|
|
OK dlg@
|
|
|
|
|
|
|
|
|
|
ok miod@
|
|
power-off voltage switch sequence when card is already operating at
requested voltage.
Zap the NOPWR0 quirk for Intel controllers.
ok stsp@ kettenis@
|
|
This makes the thing a bit easier on the eyes and improves greppability.
ok joshua jsing
|
|
ok joshua jsing
|
|
Move the IA32 specific code to arch/{amd64,i386}/crypto_cpu_caps.c, rather
than polluting cryptlib.c with machine dependent code. A stub version of
crypto_cpu_caps_ia32() still remains for now.
|
|
This has been unused for a long time - it can be found in the attic if
someone wants to clean it up and enable it in the future.
ok tb@
|
|
|
|
EC_GROUP_check() is quite simple. It doesn't need to use its own file.
|
|
They make use of the by now unsupported SIOCSIFDSTADDR ioctl command.
They should instead make use of the SIOCAIFADDR ioctl command, however
figuring out such change is above my pay grade.
|
|
|
|
This makes the internal curve test in ectest.c superfluous.
Also fix a logic error.
|
|
When determining the minimum of nitems and EC_CURVE_LIST_LENGTH
we need neither an extra variable nor a ternary operator.
|
|
Rename struct ec_list_element into struct ec_curve. Accordingly, curve_list
becomes struct ec_curve ec_curve_list[]. Adjust internal API to match.
suggested by jsing
|
|
|
|
EC parameters are very general. While there are some minimal sanity checks,
for the parameters due to DoS risks found in the last decade, the elliptic
curve code is poorly written and a target rich environment for NULL
dereferences, busy loops, expensive computations and whatever other
nastiness you can think of. It is not too hard to come up with parameters
that reach very ugly code. While we have removed for the worst of it (the
"fast" nist code and GF2m come to mind), the code very much resembles the
Augean Stables.
Unfortunately, curve parameters are still in use - even mandatory in some
contexts - for example in machine-readable travel documents signed by ICAO
country signing certification authorities (see ICAO Doc 9303).
To avoid many of these DoS vectors, start enforcing that we know what the
curve parameters are about, namely that they correspond to a builtin curve.
This way we know that the parameters are at least as good as the standards
we implement and checking this is cheap:
Translate curve parameters into the ad hoc representation in the builtin
curve code and check there's a match. That's very cheap since most curves
are distinguished by cofactor and parameter length and we need to use an
actual parameter comparison for at most half a dozen curves, usually only
one or two.
ok jsing
|
|
|
|
This is the same CPU capabilities code that is now used for amd64. Like
amd64 we now only populate OPENSSL_ia32cap_P with bits used by perlasm.
Discussed with tb@
|
|
|
|
This is a CPU capability detection implementation in C, with minimal
inline assembly (for cpuid and xgetbv). This replaces the assembly
mess generated by x86_64cpuid.pl. Rather than populating OPENSSL_ia32cap_P
directly with CPUID output, just set the bits that the remaining
perlasm checks (namely AESNI, AVX, FXSR, INTEL, HT, MMX, PCLMUL, SSE, SSE2
and SSSE3).
ok joshua@ tb@
|
|
send a single reset during attach. We have discovered that some
devices such as the built-in keyboard on the Thinkpad T14s Gen 6
don't like getting more than one reset sent or they become
unresponsive.
This has been in snaps for a while and hasn't caused any major
regressions so we are confident the extra reset is not needed on
most hardware.
feedback from kettenis@
ok deraadt@ mlarkin@
|
|
This used to be a trivial wrapper of the ASN1_add_oid_module() horror.
It's no longer exported, so it can go away. It moves from the terribly
named file conf_mall.c to the equally terribly named file conf_sap.c.
I have no idea what mall and sap are supposed to mean in this context.
|
|
Another single-function file goes away.
|
|
The latter was used for EC_GROUP_new_curve_GF2m() and is now pointless.
ok jsing
|
|
|
|
|
|
Covers a few more corner cases in the elliptic curve code.
|
