src - OpenBSD base system

Age	Commit message (Collapse)	Author
2020-02-29	Next step in prepping for ffs2 installs: introduce a new install script var	Otto Moerbeek
	MDFSOPT and add a missing prototype.
2019-11-29	Add an element to the marks array to store the virtual address of the	Mark Kettenis
	entry point. ok mlarkin@, deraadt@
2019-11-28	Implement a hexdump command in the boot loader. This helps to	Alexander Bluhm
	inspect the memory layout that the firmware has created. It is especially useful for UEFI debugging. OK deraadt@ kettenis@
2019-11-01	Reduce BOOTRANDOM_MAX to 256. naddy pointed out there's no point having	Theo de Raadt
	it larger than RC4STATE. A long discussion ensued. In conclusion all entropy inputs are either satisfactory enough, or just as shitty at 512.
2019-10-29	Use arc4 to bit-spread the 512-byte random buffer over the .openbsd.randomdata	Theo de Raadt
	section, which has grown a fair bit with the introduction of retguard. Mortimer discovered the repeated 512-byte sequence as retguard keys, and this resolves the issue. (Chacha does not fit on the media, so 1.5K early drop RC4 is hopefully sufficient in our KARL link universe) Version crank the bootblocks. sysupgrade -s will install new bootblocks. ok djm mortimer
2019-10-29	add arc4 cipher to the bootblocks	Theo de Raadt
	ok djm mortimer
2019-08-03	In the bootblocks, after discovering and opening /bsd.upgrade, fchmod -x	Theo de Raadt
	so the file cannot be re-executed upon the next boot. This provides a stronger one-shot-upgrade model than the upgrade script's rm /bsd.upgrade. Now various forms of upgrade failure will reboot into /bsd, which is probably more recoverable. Performing fchmod -x depends on (1) use of MI boot.c (not alpha/macppc/sparc64/sgi/octeon) and (2) "can write blocks" functionality in the IO layer. Most architectures have this support now. Two diagnostics "fchmod a-x %s: failed" and "/bsd.upgrade is not u+x" will remain in the tree while refinements happen for some of the laggard architectures. based upon a discussion florian tested in snapshots for more than a week without any complaints
2019-05-11	we have never built without %b support	Theo de Raadt

2019-04-20	libsa's memcpy() is actually memmove(). make a proper memmove(), and give	Theo de Raadt
	memcpy() correct behaviour. This also brings the bcopy() macro into line.
2019-04-10	change marks[] array to uint64_t, so the code can track full 64-bit	Theo de Raadt
	details from the ELF header instead of faking it. Proposal from mlarkin, tested on most architectures already
2018-12-16	Make the freelist best fit code a tiny bit smarter to not use a block if	Otto Moerbeek
	half or more would be wasted. Causes more effective re-use of blocks. ok jsing@
2018-08-10	Retry on incorrect passphrase for softraid crypto boot.	Joel Sing
	Historically, the softraid crypto support in the boot loaders has only given one attempt to provide the correct passphrase. There were a few reasons for this, including the fact that pkcs5_pbkdf2() allows an empty passphrase and that returning EPERM allowed for another attempt. With the event of KARL and the need for bsd.booted with hibernate resumption, this becomes much more of an issue - if you get the passphrase wrong you fail to resume. There are also other situations like using /etc/boot.conf to switch serial console, but an incorrect passphrase results in the config not being read. Also, bcrypt_pbkdf() does not permit empty passphrases. This reworks the softraid crypto support in the boot loaders so that it loops requesting a valid passphrase until one is provided, or an empty passphrase is entered (at which point it will abort). ok mortimer@ tb@
2018-05-23	Align libsa ctime output with libc ctime output.	cheloha
	Use zero-padding to get double-digit HH:MM:SS and space-padding for the DOM. ok visa@
2018-03-31	Stop converting UDP and IP header values from network endianness to host	Patrick Wildt
	endianness for convenience reasons. Especially in code pathes like TFTP where the source port is read from the received UDP packet and used as destination port in a new UDP packet this can be very harmful. Luckily this issue has had no effect on our architectures since they never use any of the code paths that could be harmful. ok visa@
2018-01-17	Implement basic padding support in libsa so we can do zero-padding	Patrick Wildt
	in bootloader printfs. Feedback from and ok gerhard@
2017-11-10	"unknown KDF type 2" -> "keydisk not found".	Sunil Nimmagadda
	Inputs and ok jsing@.
2017-10-08	Revert: libsa lacks memmove currently; a more thorough rename/change is	Philip Guenther
	needed problem noted by naddy@
2017-10-07	bcopy() is expected to be overlap safe, so it implement it with memmove()	Philip Guenther
	not memcpy(). 'oh oh' deraadt@
2017-09-08	If you use sys/param.h, you don't need sys/types.h	Theo de Raadt

2017-05-31	make the AES-XTS mode a little more constant-time, though the AES	Damien Miller
	implementation that it depends on currently isn't. ok mikeb tom
2017-05-27	move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@	Christian Weisgerber

2017-05-08	Guard debug printf with NFS_DEBUG ifdef like the other debug prints.	Patrick Wildt
	ok tom@
2016-11-27	Add missing OpenBSD CVS tags	Reyk Floeter

2016-11-25	Fix signedness warnings with careful casts and replace a re-defined variable.	Reyk Floeter
	OK krw@
2016-09-18	Add bcrypt pbkdf support to the softraid crypto boot loader code.	Joel Sing
	Based on a diff from djm@
2016-09-18	Correctly handle short read()s in the libsa gzip handling lseek(). Also	Joel Sing
	avoid masking the errno from a failed read(). ok guenther@ tom@
2016-09-17	move the .SUNW_ctf section name definition to exec_elf.h and document it in ↵	Jasper Lievisse Adriaanse
	elf(5) feedback from guenther@ ok guenther@ kettenis@
2016-09-16	unifdef SAVE_MEMORY which is no longer set nor used	Jasper Lievisse Adriaanse
	ok deraadt@ millert@
2016-09-13	when loading the kernel binary, also load the .SUNW_ctf section when present,	Jasper Lievisse Adriaanse
	which holds the CTF data. ok mpi@
2016-09-11	Provide initial libsa softraid - this is currently just the data structures	Joel Sing
	and softraid crypto key handling code.
2016-09-10	Add bcrypt_pbkdf to libsa, from libutil. This will soon allow the boot	Joel Sing
	loader to support softraid crypto volumes using bcrypt pbkdf.
2016-09-10	Add blowfish to libsa, taken from libc - needed for bcrypt_pbkdf.	Joel Sing

2016-09-10	Add sha2 to libsa, taken from libc - needed for bcrypt_pbkdf.	Joel Sing

2016-09-10	Rename libsa pbkdf2.c to pkcs5_pbkdf2.c so that we match libutil.	Joel Sing

2016-09-10	Sync libsa pkcs5_pbkdf2() with libutil.	Joel Sing

2016-08-27	Declare lseek() instead of assuming it'll be provided elsewhere	Philip Guenther
	ok deraadt@
2016-03-14	Change a bunch of (<blah> *)0 to NULL.	Kenneth R Westerback
	ok beck@ deraadt@
2015-11-16	Replace unbounded gets() in libsa with getln() which takes a buffer size,	Miod Vallat
	and convert all gets() users. ok deraadt@
2015-10-26	(char *)0 -> NULL	mmcc
	ok tedu@
2015-10-26	Cast isdigit()'s argument to unsigned char.	mmcc
	ok guenther@
2015-09-18	Remove orphaned files.	Miod Vallat

2015-09-14	unify free(NULL,size) behaviour by allowing passing NULL	Sebastien Marie
	ok millert@ jasper@
2015-09-02	Initial commit of uefi boot loader of OpenBSD.	YASUOKA Masahiko
	ok deraadt yuo
2015-08-15	When sendrecv() returns -1, have rpc_call() return -1 as well. Otherwise, due	Miod Vallat
	to the cast to unsigned, it fails the error test and returns a bogus partial read to the caller, which is painful to debug.
2015-08-15	Use signed variables to store the result of rpc_call().	Miod Vallat

2015-07-17	Remove {LOAD,COUNT}_TEXTA from libsa loadfile, it only made sense for a.out	Miod Vallat
	kernels and we no longer have any.
2015-07-17	Adjust type of link_len to match type of di_size in underlying struct, and	Kent R. Spillner
	change type of len to size_t to match strlen(3) result. Drop unneeded casts. u_int64_t is overkill because the actual size is still limited to SYMLINK_MAX but it is probably better to match the filesystem types. ok miod@, guenther@
2015-07-16	Expand ancient NTOHL/NTOHS/HTONS/HTONL macros.	Martin Pieuchot
	ok guenther@, henning@
2015-06-14	Fix 1.26; kdoprnt() should not attempt to invoke va_end() at all, it's the	Miod Vallat
	caller's responsibility to do so.
2015-05-19	Extend the libsa loadfile(9) granularity to tell apart randomness from the rest	Miod Vallat
	of the kernel, and extend the array filled by loadfile to report the location of the randomness area. This doesn't introduce any change for bootblocks (save for a slightly larger stack usage due to the larger array), for the new {LOAD,COUNT}_RANDOM bits are included in the {LOAD,COUNT}_ALL masks everything uses or computes from.