From 3b3e4312d9040c1cf8519700bbf5a1efea52194a Mon Sep 17 00:00:00 2001 From: purplerain Date: Sun, 26 Jan 2025 04:26:31 +0000 Subject: [PATCH] sync with OpenBSD -current --- lib/libcrypto/aes/aes.h | 6 +- lib/libcrypto/aes/aes_local.h | 6 +- lib/libcrypto/bf/blowfish.h | 6 +- lib/libcrypto/camellia/camellia.h | 6 +- lib/libcrypto/cast/cast.h | 6 +- lib/libcrypto/chacha/chacha.h | 6 +- lib/libcrypto/des/des.h | 6 +- lib/libcrypto/dh/dh.h | 6 +- lib/libcrypto/dsa/dsa.h | 6 +- lib/libcrypto/ec/ec.h | 6 +- lib/libcrypto/ec/ec_asn1.c | 28 +-- lib/libcrypto/ec/ec_key.c | 4 +- lib/libcrypto/ec/ec_lib.c | 88 ++++----- lib/libcrypto/ec/ec_local.h | 5 +- lib/libcrypto/ec/eck_prn.c | 6 +- lib/libcrypto/ec/ecp_methods.c | 4 +- lib/libcrypto/hmac/hmac.h | 6 +- lib/libcrypto/idea/idea.h | 6 +- lib/libcrypto/md4/md4.h | 6 +- lib/libcrypto/md5/md5.h | 6 +- lib/libcrypto/poly1305/poly1305.h | 6 +- lib/libcrypto/rc2/rc2.h | 6 +- lib/libcrypto/rc4/rc4.h | 6 +- lib/libcrypto/ripemd/ripemd.h | 6 +- lib/libcrypto/rsa/rsa.h | 6 +- lib/libcrypto/sha/sha.h | 6 +- lib/libcrypto/sm2/sm2.h | 6 +- lib/libcrypto/sm3/sm3.h | 6 +- lib/libcrypto/sm4/sm4.h | 6 +- regress/usr.bin/mandoc/mdoc/Rs/Makefile | 7 +- regress/usr.bin/mandoc/mdoc/Rs/journal.in | 21 +++ .../usr.bin/mandoc/mdoc/Rs/journal.out_ascii | 14 ++ .../usr.bin/mandoc/mdoc/Rs/journal.out_html | 5 + .../mandoc/mdoc/Rs/journal.out_markdown | 21 +++ regress/usr.bin/mandoc/mdoc/Rs/outside.in | 18 ++ .../usr.bin/mandoc/mdoc/Rs/outside.out_ascii | 15 ++ .../usr.bin/mandoc/mdoc/Rs/outside.out_html | 4 + .../mandoc/mdoc/Rs/outside.out_markdown | 20 ++ .../usr.bin/mandoc/mdoc/Rs/paragraph.out_html | 16 +- regress/usr.bin/mandoc/mdoc/Rs/rfc.out_html | 8 +- sys/arch/arm64/arm64/cpu.c | 52 +++-- sys/arch/arm64/arm64/pmap.c | 6 +- sys/arch/arm64/dev/agintc.c | 69 ++++--- sys/arch/arm64/include/armreg.h | 32 +++- sys/kern/kern_exec.c | 6 +- sys/kern/kern_sig.c | 48 ++--- sys/kern/subr_hibernate.c | 6 +- sys/kern/uipc_socket2.c | 4 +- sys/kern/uipc_usrreq.c | 11 +- sys/net/if.c | 4 +- sys/net/if_wg.c | 177 +++++++++++++----- sys/net/pipex.c | 37 +++- sys/net/pipex.h | 54 +++--- sys/netinet/tcp_input.c | 47 ++--- sys/netinet/udp_usrreq.c | 5 +- sys/sys/proc.h | 4 +- sys/uvm/uvm_pdaemon.c | 3 +- usr.bin/mandoc/mandoc.css | 5 +- usr.bin/mandoc/mdoc_html.c | 40 ++-- usr.bin/mandoc/mdoc_man.c | 7 +- usr.sbin/bgpd/kroute.c | 8 +- usr.sbin/bgpd/rtr_proto.c | 6 +- 62 files changed, 634 insertions(+), 419 deletions(-) create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/journal.in create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/journal.out_ascii create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/journal.out_html create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/journal.out_markdown create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/outside.in create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/outside.out_ascii create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/outside.out_html create mode 100644 regress/usr.bin/mandoc/mdoc/Rs/outside.out_markdown diff --git a/lib/libcrypto/aes/aes.h b/lib/libcrypto/aes/aes.h index 38ef7c96b..fb16b187c 100644 --- a/lib/libcrypto/aes/aes.h +++ b/lib/libcrypto/aes/aes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: aes.h,v 1.15 2023/07/31 05:04:06 tb Exp $ */ +/* $OpenBSD: aes.h,v 1.16 2025/01/25 17:59:44 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * @@ -54,10 +54,6 @@ #include -#ifdef OPENSSL_NO_AES -#error AES is disabled. -#endif - #include #define AES_ENCRYPT 1 diff --git a/lib/libcrypto/aes/aes_local.h b/lib/libcrypto/aes/aes_local.h index 45edbae9e..7de4911e8 100644 --- a/lib/libcrypto/aes/aes_local.h +++ b/lib/libcrypto/aes/aes_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: aes_local.h,v 1.3 2024/03/27 11:15:44 jsing Exp $ */ +/* $OpenBSD: aes_local.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * @@ -54,10 +54,6 @@ #include -#ifdef OPENSSL_NO_AES -#error AES is disabled. -#endif - #include #include #include diff --git a/lib/libcrypto/bf/blowfish.h b/lib/libcrypto/bf/blowfish.h index b434e70cb..5ea99af39 100644 --- a/lib/libcrypto/bf/blowfish.h +++ b/lib/libcrypto/bf/blowfish.h @@ -1,4 +1,4 @@ -/* $OpenBSD: blowfish.h,v 1.17 2023/07/31 05:04:06 tb Exp $ */ +/* $OpenBSD: blowfish.h,v 1.18 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -65,10 +65,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_BF -#error BF is disabled. -#endif - #define BF_ENCRYPT 1 #define BF_DECRYPT 0 diff --git a/lib/libcrypto/camellia/camellia.h b/lib/libcrypto/camellia/camellia.h index 0fe50d24b..7948c5db6 100644 --- a/lib/libcrypto/camellia/camellia.h +++ b/lib/libcrypto/camellia/camellia.h @@ -1,4 +1,4 @@ -/* $OpenBSD: camellia.h,v 1.5 2014/11/13 20:01:58 miod Exp $ */ +/* $OpenBSD: camellia.h,v 1.6 2025/01/25 17:59:44 tb Exp $ */ /* ==================================================================== * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * @@ -54,10 +54,6 @@ #include -#ifdef OPENSSL_NO_CAMELLIA -#error CAMELLIA is disabled. -#endif - #include #define CAMELLIA_ENCRYPT 1 diff --git a/lib/libcrypto/cast/cast.h b/lib/libcrypto/cast/cast.h index 093669606..5c12d91f9 100644 --- a/lib/libcrypto/cast/cast.h +++ b/lib/libcrypto/cast/cast.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cast.h,v 1.13 2023/07/08 07:25:43 jsing Exp $ */ +/* $OpenBSD: cast.h,v 1.14 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -65,10 +65,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_CAST -#error CAST is disabled. -#endif - #define CAST_ENCRYPT 1 #define CAST_DECRYPT 0 diff --git a/lib/libcrypto/chacha/chacha.h b/lib/libcrypto/chacha/chacha.h index e2345b219..7d30c518a 100644 --- a/lib/libcrypto/chacha/chacha.h +++ b/lib/libcrypto/chacha/chacha.h @@ -1,4 +1,4 @@ -/* $OpenBSD: chacha.h,v 1.8 2019/01/22 00:59:21 dlg Exp $ */ +/* $OpenBSD: chacha.h,v 1.9 2025/01/25 17:59:44 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -20,10 +20,6 @@ #include -#if defined(OPENSSL_NO_CHACHA) -#error ChaCha is disabled. -#endif - #include #include diff --git a/lib/libcrypto/des/des.h b/lib/libcrypto/des/des.h index 5891fcefe..2d957a192 100644 --- a/lib/libcrypto/des/des.h +++ b/lib/libcrypto/des/des.h @@ -1,4 +1,4 @@ -/* $OpenBSD: des.h,v 1.22 2024/08/31 10:30:16 tb Exp $ */ +/* $OpenBSD: des.h,v 1.23 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,10 +61,6 @@ #include -#ifdef OPENSSL_NO_DES -#error DES is disabled. -#endif - #ifdef __cplusplus extern "C" { #endif diff --git a/lib/libcrypto/dh/dh.h b/lib/libcrypto/dh/dh.h index 65b4348ac..04bda3fac 100644 --- a/lib/libcrypto/dh/dh.h +++ b/lib/libcrypto/dh/dh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.h,v 1.37 2023/04/18 08:33:43 tb Exp $ */ +/* $OpenBSD: dh.h,v 1.38 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,10 +61,6 @@ #include -#ifdef OPENSSL_NO_DH -#error DH is disabled. -#endif - #ifndef OPENSSL_NO_BIO #include #endif diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h index f9cd81bae..a52fd51c7 100644 --- a/lib/libcrypto/dsa/dsa.h +++ b/lib/libcrypto/dsa/dsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.h,v 1.46 2024/12/05 19:34:46 tb Exp $ */ +/* $OpenBSD: dsa.h,v 1.47 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -67,10 +67,6 @@ #include -#ifdef OPENSSL_NO_DSA -#error DSA is disabled. -#endif - #ifndef OPENSSL_NO_BIO #include #endif diff --git a/lib/libcrypto/ec/ec.h b/lib/libcrypto/ec/ec.h index 10513795e..dd06dcb8b 100644 --- a/lib/libcrypto/ec/ec.h +++ b/lib/libcrypto/ec/ec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.h,v 1.48 2024/04/15 15:42:23 tb Exp $ */ +/* $OpenBSD: ec.h,v 1.49 2025/01/25 17:59:44 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -73,10 +73,6 @@ #include -#ifdef OPENSSL_NO_EC -#error EC is disabled. -#endif - #include #include diff --git a/lib/libcrypto/ec/ec_asn1.c b/lib/libcrypto/ec/ec_asn1.c index 98eec5134..faca6059e 100644 --- a/lib/libcrypto/ec/ec_asn1.c +++ b/lib/libcrypto/ec/ec_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_asn1.c,v 1.109 2024/12/06 05:13:35 tb Exp $ */ +/* $OpenBSD: ec_asn1.c,v 1.110 2025/01/25 10:27:58 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -651,36 +651,16 @@ ec_point_to_asn1_octet_string(const EC_GROUP *group, const EC_POINT *point, static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) { - BIGNUM *p = NULL; - int nid; int ret = 0; if (group == NULL || field == NULL) goto err; - nid = ec_group_get_field_type(group); - if (nid == NID_X9_62_characteristic_two_field) { - ECerror(EC_R_GF2M_NOT_SUPPORTED); - goto err; - } - if (nid != NID_X9_62_prime_field) { - ECerror(EC_R_INVALID_FIELD); - goto err; - } - - if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) { + if ((field->fieldType = OBJ_nid2obj(NID_X9_62_prime_field)) == NULL) { ECerror(ERR_R_OBJ_LIB); goto err; } - if ((p = BN_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_GROUP_get_curve(group, p, NULL, NULL, NULL)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - if ((field->p.prime = BN_to_ASN1_INTEGER(p, NULL)) == NULL) { + if ((field->p.prime = BN_to_ASN1_INTEGER(group->p, NULL)) == NULL) { ECerror(ERR_R_ASN1_LIB); goto err; } @@ -688,8 +668,6 @@ ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) ret = 1; err: - BN_free(p); - return ret; } diff --git a/lib/libcrypto/ec/ec_key.c b/lib/libcrypto/ec/ec_key.c index c3cbf7f92..6257d67cd 100644 --- a/lib/libcrypto/ec/ec_key.c +++ b/lib/libcrypto/ec/ec_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_key.c,v 1.50 2025/01/11 20:57:03 tb Exp $ */ +/* $OpenBSD: ec_key.c,v 1.51 2025/01/25 10:34:36 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -513,7 +513,7 @@ EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx) { if (key->group == NULL) return 0; - return EC_GROUP_precompute_mult(key->group, ctx); + return 1; } LCRYPTO_ALIAS(EC_KEY_precompute_mult); diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c index a60543ab9..a6259ed58 100644 --- a/lib/libcrypto/ec/ec_lib.c +++ b/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.113 2025/01/22 09:56:58 jsing Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.116 2025/01/25 13:13:57 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -222,29 +222,6 @@ EC_GROUP_dup(const EC_GROUP *in_group) } LCRYPTO_ALIAS(EC_GROUP_dup); -const EC_METHOD * -EC_GROUP_method_of(const EC_GROUP *group) -{ - return group->meth; -} -LCRYPTO_ALIAS(EC_GROUP_method_of); - -int -EC_METHOD_get_field_type(const EC_METHOD *meth) -{ - return meth->field_type; -} -LCRYPTO_ALIAS(EC_METHOD_get_field_type); - -int -ec_group_get_field_type(const EC_GROUP *group) -{ - if (group == NULL || group->meth == NULL) - return NID_undef; - - return group->meth->field_type; -} - /* * If there is a user-provided cofactor, sanity check and use it. Otherwise * try computing the cofactor from generator order n and field cardinality p. @@ -738,8 +715,6 @@ EC_GROUP_cmp(const EC_GROUP *group1, const EC_GROUP *group2, BN_CTX *ctx_in) BN_CTX_start(ctx); - if (ec_group_get_field_type(group1) != ec_group_get_field_type(group2)) - goto distinct; if ((nid1 = EC_GROUP_get_curve_name(group1)) != NID_undef && (nid2 = EC_GROUP_get_curve_name(group2)) != NID_undef) { if (nid1 != nid2) @@ -914,13 +889,6 @@ EC_POINT_dup(const EC_POINT *in_point, const EC_GROUP *group) } LCRYPTO_ALIAS(EC_POINT_dup); -const EC_METHOD * -EC_POINT_method_of(const EC_POINT *point) -{ - return point->meth; -} -LCRYPTO_ALIAS(EC_POINT_method_of); - int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { @@ -1397,20 +1365,6 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, } LCRYPTO_ALIAS(EC_POINT_mul); -int -EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx_in) -{ - return 1; -} -LCRYPTO_ALIAS(EC_GROUP_precompute_mult); - -int -EC_GROUP_have_precompute_mult(const EC_GROUP *group) -{ - return 0; -} -LCRYPTO_ALIAS(EC_GROUP_have_precompute_mult); - /* * XXX - remove everything below in the next bump */ @@ -1451,3 +1405,43 @@ EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, return 0; } LCRYPTO_ALIAS(EC_POINTs_mul); + +const EC_METHOD * +EC_GROUP_method_of(const EC_GROUP *group) +{ + ECerror(ERR_R_DISABLED); + return NULL; +} +LCRYPTO_ALIAS(EC_GROUP_method_of); + +int +EC_METHOD_get_field_type(const EC_METHOD *meth) +{ + ECerror(ERR_R_DISABLED); + return NID_undef; +} +LCRYPTO_ALIAS(EC_METHOD_get_field_type); + +const EC_METHOD * +EC_POINT_method_of(const EC_POINT *point) +{ + ECerror(ERR_R_DISABLED); + return NULL; +} +LCRYPTO_ALIAS(EC_POINT_method_of); + +int +EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx_in) +{ + ECerror(ERR_R_DISABLED); + return 0; +} +LCRYPTO_ALIAS(EC_GROUP_precompute_mult); + +int +EC_GROUP_have_precompute_mult(const EC_GROUP *group) +{ + ECerror(ERR_R_DISABLED); + return 0; +} +LCRYPTO_ALIAS(EC_GROUP_have_precompute_mult); diff --git a/lib/libcrypto/ec/ec_local.h b/lib/libcrypto/ec/ec_local.h index 84c1552c8..d1e3c1fa4 100644 --- a/lib/libcrypto/ec/ec_local.h +++ b/lib/libcrypto/ec/ec_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_local.h,v 1.63 2025/01/22 09:56:58 jsing Exp $ */ +/* $OpenBSD: ec_local.h,v 1.65 2025/01/25 13:15:21 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -80,8 +80,6 @@ __BEGIN_HIDDEN_DECLS struct ec_method_st { - int field_type; - int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, @@ -177,7 +175,6 @@ int ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *m, const EC_POINT *point, const BIGNUM *n, BN_CTX *ctx); int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid); -int ec_group_get_field_type(const EC_GROUP *group); /* * Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}(). diff --git a/lib/libcrypto/ec/eck_prn.c b/lib/libcrypto/ec/eck_prn.c index 98e1a7e7b..c40a64966 100644 --- a/lib/libcrypto/ec/eck_prn.c +++ b/lib/libcrypto/ec/eck_prn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eck_prn.c,v 1.40 2024/11/25 06:51:39 tb Exp $ */ +/* $OpenBSD: eck_prn.c,v 1.41 2025/01/25 10:30:17 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -208,7 +208,6 @@ ecpk_print_explicit_parameters(BIO *bio, const EC_GROUP *group, int off) const unsigned char *seed; size_t seed_len; point_conversion_form_t form; - int nid; int ret = 0; if ((ctx = BN_CTX_new()) == NULL) { @@ -256,8 +255,7 @@ ecpk_print_explicit_parameters(BIO *bio, const EC_GROUP *group, int off) if (!BIO_indent(bio, off, 128)) goto err; - nid = ec_group_get_field_type(group); - if (BIO_printf(bio, "Field Type: %s\n", OBJ_nid2sn(nid)) <= 0) + if (BIO_printf(bio, "Field Type: %s\n", SN_X9_62_prime_field) <= 0) goto err; if (!bn_printf(bio, p, off, "Prime:")) diff --git a/lib/libcrypto/ec/ecp_methods.c b/lib/libcrypto/ec/ecp_methods.c index 8bcff77d0..ad975cb64 100644 --- a/lib/libcrypto/ec/ecp_methods.c +++ b/lib/libcrypto/ec/ecp_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_methods.c,v 1.41 2025/01/22 12:54:40 tb Exp $ */ +/* $OpenBSD: ecp_methods.c,v 1.42 2025/01/25 13:15:21 tb Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -1291,7 +1291,6 @@ ec_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, } static const EC_METHOD ec_GFp_simple_method = { - .field_type = NID_X9_62_prime_field, .group_set_curve = ec_group_set_curve, .group_get_curve = ec_group_get_curve, .point_is_on_curve = ec_point_is_on_curve, @@ -1316,7 +1315,6 @@ EC_GFp_simple_method(void) LCRYPTO_ALIAS(EC_GFp_simple_method); static const EC_METHOD ec_GFp_mont_method = { - .field_type = NID_X9_62_prime_field, .group_set_curve = ec_mont_group_set_curve, .group_get_curve = ec_group_get_curve, .point_is_on_curve = ec_point_is_on_curve, diff --git a/lib/libcrypto/hmac/hmac.h b/lib/libcrypto/hmac/hmac.h index 6f29972aa..2216fd925 100644 --- a/lib/libcrypto/hmac/hmac.h +++ b/lib/libcrypto/hmac/hmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.h,v 1.20 2024/08/31 10:42:21 tb Exp $ */ +/* $OpenBSD: hmac.h,v 1.21 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -64,10 +64,6 @@ #define __bounded__(x, y, z) #endif -#ifdef OPENSSL_NO_HMAC -#error HMAC is disabled. -#endif - #include #define HMAC_MAX_MD_CBLOCK 144 /* largest known is SHA3-224 */ diff --git a/lib/libcrypto/idea/idea.h b/lib/libcrypto/idea/idea.h index 81c3453bc..2bdd3647f 100644 --- a/lib/libcrypto/idea/idea.h +++ b/lib/libcrypto/idea/idea.h @@ -1,4 +1,4 @@ -/* $OpenBSD: idea.h,v 1.12 2024/05/19 07:12:50 jsg Exp $ */ +/* $OpenBSD: idea.h,v 1.13 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,10 +61,6 @@ #include /* IDEA_INT, OPENSSL_NO_IDEA */ -#ifdef OPENSSL_NO_IDEA -#error IDEA is disabled. -#endif - #define IDEA_ENCRYPT 1 #define IDEA_DECRYPT 0 diff --git a/lib/libcrypto/md4/md4.h b/lib/libcrypto/md4/md4.h index 2d0169e71..d2a107a19 100644 --- a/lib/libcrypto/md4/md4.h +++ b/lib/libcrypto/md4/md4.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md4.h,v 1.21 2024/06/01 18:42:49 tb Exp $ */ +/* $OpenBSD: md4.h,v 1.22 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,10 +71,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_MD4 -#error MD4 is disabled. -#endif - /* * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! MD4_LONG has to be at least 32 bits wide. ! diff --git a/lib/libcrypto/md5/md5.h b/lib/libcrypto/md5/md5.h index 99e71783b..4d94c84ba 100644 --- a/lib/libcrypto/md5/md5.h +++ b/lib/libcrypto/md5/md5.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.h,v 1.24 2025/01/19 07:51:41 jsing Exp $ */ +/* $OpenBSD: md5.h,v 1.25 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,10 +71,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_MD5 -#error MD5 is disabled. -#endif - #define MD5_LONG unsigned int #define MD5_CBLOCK 64 diff --git a/lib/libcrypto/poly1305/poly1305.h b/lib/libcrypto/poly1305/poly1305.h index 00ab0bfd2..f5383355a 100644 --- a/lib/libcrypto/poly1305/poly1305.h +++ b/lib/libcrypto/poly1305/poly1305.h @@ -1,4 +1,4 @@ -/* $OpenBSD: poly1305.h,v 1.3 2014/07/25 14:04:51 jsing Exp $ */ +/* $OpenBSD: poly1305.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -20,10 +20,6 @@ #include -#if defined(OPENSSL_NO_POLY1305) -#error Poly1305 is disabled. -#endif - #include #ifdef __cplusplus diff --git a/lib/libcrypto/rc2/rc2.h b/lib/libcrypto/rc2/rc2.h index 09c6c08a5..96e395f32 100644 --- a/lib/libcrypto/rc2/rc2.h +++ b/lib/libcrypto/rc2/rc2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rc2.h,v 1.12 2023/07/07 08:29:37 beck Exp $ */ +/* $OpenBSD: rc2.h,v 1.13 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,10 +61,6 @@ #include /* OPENSSL_NO_RC2, RC2_INT */ -#ifdef OPENSSL_NO_RC2 -#error RC2 is disabled. -#endif - #define RC2_ENCRYPT 1 #define RC2_DECRYPT 0 diff --git a/lib/libcrypto/rc4/rc4.h b/lib/libcrypto/rc4/rc4.h index ff2514187..a20472372 100644 --- a/lib/libcrypto/rc4/rc4.h +++ b/lib/libcrypto/rc4/rc4.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rc4.h,v 1.15 2024/03/27 12:13:08 jsing Exp $ */ +/* $OpenBSD: rc4.h,v 1.16 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,10 +61,6 @@ #include /* OPENSSL_NO_RC4, RC4_INT */ -#ifdef OPENSSL_NO_RC4 -#error RC4 is disabled. -#endif - #include #ifdef __cplusplus diff --git a/lib/libcrypto/ripemd/ripemd.h b/lib/libcrypto/ripemd/ripemd.h index 83f7b36bc..c7b1bd79b 100644 --- a/lib/libcrypto/ripemd/ripemd.h +++ b/lib/libcrypto/ripemd/ripemd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ripemd.h,v 1.19 2024/06/01 18:42:49 tb Exp $ */ +/* $OpenBSD: ripemd.h,v 1.20 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,10 +71,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_RIPEMD -#error RIPEMD is disabled. -#endif - #if defined(__LP32__) #define RIPEMD160_LONG unsigned long #elif defined(__ILP64__) diff --git a/lib/libcrypto/rsa/rsa.h b/lib/libcrypto/rsa/rsa.h index 60512317b..562012899 100644 --- a/lib/libcrypto/rsa/rsa.h +++ b/lib/libcrypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.66 2024/05/19 07:12:50 jsg Exp $ */ +/* $OpenBSD: rsa.h,v 1.67 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,10 +71,6 @@ #include -#ifdef OPENSSL_NO_RSA -#error RSA is disabled. -#endif - #ifdef __cplusplus extern "C" { #endif diff --git a/lib/libcrypto/sha/sha.h b/lib/libcrypto/sha/sha.h index cef2d7f49..ec97f48b2 100644 --- a/lib/libcrypto/sha/sha.h +++ b/lib/libcrypto/sha/sha.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sha.h,v 1.25 2024/06/01 08:11:44 tb Exp $ */ +/* $OpenBSD: sha.h,v 1.26 2025/01/25 17:59:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -70,10 +70,6 @@ extern "C" { #endif -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1) -#error SHA is disabled. -#endif - /* * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! SHA_LONG has to be at least 32 bits wide. ! diff --git a/lib/libcrypto/sm2/sm2.h b/lib/libcrypto/sm2/sm2.h index 2f14fe666..b5195a73e 100644 --- a/lib/libcrypto/sm2/sm2.h +++ b/lib/libcrypto/sm2/sm2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sm2.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */ +/* $OpenBSD: sm2.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */ /* * Copyright (c) 2017, 2019 Ribose Inc * @@ -22,10 +22,6 @@ #include -#ifdef OPENSSL_NO_SM2 -#error SM2 is disabled. -#endif - #ifdef __cplusplus extern "C" { #endif diff --git a/lib/libcrypto/sm3/sm3.h b/lib/libcrypto/sm3/sm3.h index 553c64dcd..fa435d3d0 100644 --- a/lib/libcrypto/sm3/sm3.h +++ b/lib/libcrypto/sm3/sm3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sm3.h,v 1.1 2018/11/11 06:53:31 tb Exp $ */ +/* $OpenBSD: sm3.h,v 1.2 2025/01/25 17:59:44 tb Exp $ */ /* * Copyright (c) 2018, Ribose Inc * @@ -25,10 +25,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_SM3 -#error SM3 is disabled. -#endif - #define SM3_DIGEST_LENGTH 32 #define SM3_WORD unsigned int diff --git a/lib/libcrypto/sm4/sm4.h b/lib/libcrypto/sm4/sm4.h index 5931ac714..0c7fc223e 100644 --- a/lib/libcrypto/sm4/sm4.h +++ b/lib/libcrypto/sm4/sm4.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sm4.h,v 1.1 2019/03/17 17:42:37 tb Exp $ */ +/* $OpenBSD: sm4.h,v 1.2 2025/01/25 17:59:44 tb Exp $ */ /* * Copyright (c) 2017, 2019 Ribose Inc * @@ -26,10 +26,6 @@ extern "C" { #endif -#ifdef OPENSSL_NO_SM4 -#error SM4 is disabled. -#endif - #define SM4_DECRYPT 0 #define SM4_ENCRYPT 1 diff --git a/regress/usr.bin/mandoc/mdoc/Rs/Makefile b/regress/usr.bin/mandoc/mdoc/Rs/Makefile index 4eedb634d..8061ecfe1 100644 --- a/regress/usr.bin/mandoc/mdoc/Rs/Makefile +++ b/regress/usr.bin/mandoc/mdoc/Rs/Makefile @@ -1,9 +1,10 @@ -# $OpenBSD: Makefile,v 1.13 2025/01/19 23:01:27 schwarze Exp $ +# $OpenBSD: Makefile,v 1.14 2025/01/24 23:22:13 schwarze Exp $ -REGRESS_TARGETS = allch args break empty paragraph three_authors rfc transp +REGRESS_TARGETS = allch args break empty journal outside paragraph +REGRESS_TARGETS += rfc three_authors transp UTF8_TARGETS = allch break empty three_authors LINT_TARGETS = allch args empty -HTML_TARGETS = paragraph rfc +HTML_TARGETS = journal outside paragraph rfc # groff-1.22.3 defect: # - arguments after .Rs cause the macro to be ignored diff --git a/regress/usr.bin/mandoc/mdoc/Rs/journal.in b/regress/usr.bin/mandoc/mdoc/Rs/journal.in new file mode 100644 index 000000000..4143bc642 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/journal.in @@ -0,0 +1,21 @@ +.\" $OpenBSD: journal.in,v 1.1 2025/01/24 23:22:13 schwarze Exp $ +.Dd $Mdocdate: January 24 2025 $ +.Dt RS-JOURNAL 1 +.Os +.Sh NAME +.Nm Rs-journal +.Nd reference to a journal article +.Sh DESCRIPTION +BEGINTEST +.Pp +.Rs +.%A Brian W. Kernighan +.%A Lorinda L. Cherry +.%T System for Typesetting Mathematics +.%J Communications of the ACM +.%V 18 +.%P pp. 151\(en157 +.%D March 1975 +.Re +.Pp +ENDTEST diff --git a/regress/usr.bin/mandoc/mdoc/Rs/journal.out_ascii b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_ascii new file mode 100644 index 000000000..a6ad7a9dd --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_ascii @@ -0,0 +1,14 @@ +RS-JOURNAL(1) General Commands Manual RS-JOURNAL(1) + +NNAAMMEE + RRss--jjoouurrnnaall - reference to a journal article + +DDEESSCCRRIIPPTTIIOONN + BEGINTEST + + Brian W. Kernighan and Lorinda L. Cherry, "System for Typesetting + Mathematics", _C_o_m_m_u_n_i_c_a_t_i_o_n_s _o_f _t_h_e _A_C_M, 18, pp. 151-157, March 1975. + + ENDTEST + +OpenBSD January 24, 2025 OpenBSD diff --git a/regress/usr.bin/mandoc/mdoc/Rs/journal.out_html b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_html new file mode 100644 index 000000000..773554017 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_html @@ -0,0 +1,5 @@ +

Brian W. Kernighan and + Lorinda L. Cherry, “System + for Typesetting Mathematics”, Communications of + the ACM, 18, pp. + 151–157, March 1975.

diff --git a/regress/usr.bin/mandoc/mdoc/Rs/journal.out_markdown b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_markdown new file mode 100644 index 000000000..21ea2612e --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/journal.out_markdown @@ -0,0 +1,21 @@ +RS-JOURNAL(1) - General Commands Manual + +# NAME + +**Rs-journal** - reference to a journal article + +# DESCRIPTION + +BEGINTEST + +Brian W. Kernighan, +Lorinda L. Cherry, +"System for Typesetting Mathematics", +*Communications of the ACM*, +18, +pp. 151–157, +March 1975. + +ENDTEST + +OpenBSD - January 24, 2025 diff --git a/regress/usr.bin/mandoc/mdoc/Rs/outside.in b/regress/usr.bin/mandoc/mdoc/Rs/outside.in new file mode 100644 index 000000000..75396b431 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/outside.in @@ -0,0 +1,18 @@ +.\" $OpenBSD: outside.in,v 1.1 2025/01/24 23:22:13 schwarze Exp $ +.Dd $Mdocdate: January 24 2025 $ +.Dt RS-OUTSIDE 1 +.Os +.Sh NAME +.Nm Rs-outside +.Nd reference macros outside reference blocks +.Sh DESCRIPTION +BEGINTEST +.Pp +Some percent-macros can be used outside reference blocks. +For example, let's study +.%B The Book of PF +and relax reading +.%T A Standard for the Transmission of IP Datagrams on Avian Carriers +afterwards. +.Pp +ENDTEST diff --git a/regress/usr.bin/mandoc/mdoc/Rs/outside.out_ascii b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_ascii new file mode 100644 index 000000000..1600d627b --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_ascii @@ -0,0 +1,15 @@ +RS-OUTSIDE(1) General Commands Manual RS-OUTSIDE(1) + +NNAAMMEE + RRss--oouuttssiiddee - reference macros outside reference blocks + +DDEESSCCRRIIPPTTIIOONN + BEGINTEST + + Some percent-macros can be used outside reference blocks. For example, + let's study _T_h_e _B_o_o_k _o_f _P_F and relax reading _A _S_t_a_n_d_a_r_d _f_o_r _t_h_e + _T_r_a_n_s_m_i_s_s_i_o_n _o_f _I_P _D_a_t_a_g_r_a_m_s _o_n _A_v_i_a_n _C_a_r_r_i_e_r_s afterwards. + + ENDTEST + +OpenBSD January 24, 2025 OpenBSD diff --git a/regress/usr.bin/mandoc/mdoc/Rs/outside.out_html b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_html new file mode 100644 index 000000000..05d7df752 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_html @@ -0,0 +1,4 @@ +

Some percent-macros can be used outside reference blocks. For + example, let's study The Book of PF and relax + reading A Standard for the Transmission of IP Datagrams on + Avian Carriers afterwards.

diff --git a/regress/usr.bin/mandoc/mdoc/Rs/outside.out_markdown b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_markdown new file mode 100644 index 000000000..565f7e7dc --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/Rs/outside.out_markdown @@ -0,0 +1,20 @@ +RS-OUTSIDE(1) - General Commands Manual + +# NAME + +**Rs-outside** - reference macros outside reference blocks + +# DESCRIPTION + +BEGINTEST + +Some percent-macros can be used outside reference blocks. +For example, let's study +*The Book of PF* +and relax reading +*A Standard for the Transmission of IP Datagrams on Avian Carriers* +afterwards. + +ENDTEST + +OpenBSD - January 24, 2025 diff --git a/regress/usr.bin/mandoc/mdoc/Rs/paragraph.out_html b/regress/usr.bin/mandoc/mdoc/Rs/paragraph.out_html index 0a4fc8a3a..202ab6dfd 100644 --- a/regress/usr.bin/mandoc/mdoc/Rs/paragraph.out_html +++ b/regress/usr.bin/mandoc/mdoc/Rs/paragraph.out_html @@ -1,15 +1,15 @@
- initial reference: author name, - book title.

-

in a paragraph: another - author, another book.

+ initial reference: author name, + book title.

+

in a paragraph: another + author, another book.

initial reference:

-

author name, - book title.

+

author name, + book title.

in a paragraph:

-

another author, - another book.

+

another author, + another book.

diff --git a/regress/usr.bin/mandoc/mdoc/Rs/rfc.out_html b/regress/usr.bin/mandoc/mdoc/Rs/rfc.out_html index aca35f02d..342466b40 100644 --- a/regress/usr.bin/mandoc/mdoc/Rs/rfc.out_html +++ b/regress/usr.bin/mandoc/mdoc/Rs/rfc.out_html @@ -1,5 +1,5 @@ -

David Waitzman, - A Standard for the Transmission of IP Datagrams on Avian - Carriers, +

David Waitzman, + A Standard for the Transmission of IP Datagrams on Avian + Carriers, RFC - 1149, April 1990.

+ 1149, April 1990.

diff --git a/sys/arch/arm64/arm64/cpu.c b/sys/arch/arm64/arm64/cpu.c index 14ee6216d..4fb10f14a 100644 --- a/sys/arch/arm64/arm64/cpu.c +++ b/sys/arch/arm64/arm64/cpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.c,v 1.134 2024/11/10 06:51:59 jsg Exp $ */ +/* $OpenBSD: cpu.c,v 1.135 2025/01/25 12:29:35 kettenis Exp $ */ /* * Copyright (c) 2016 Dale Rahn @@ -868,19 +868,31 @@ cpu_identify(struct cpu_info *ci) sep = ","; } - if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_BASE) { + if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_PAC) { printf("%sAPI", sep); sep = ","; } - if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_PAC) - printf("+PAC"); + if (ID_AA64ISAR1_API(id) == ID_AA64ISAR1_API_EPAC) + printf("+EPAC"); + else if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_EPAC2) + printf("+EPAC2"); + if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_FPAC) + printf("+FPAC"); + if (ID_AA64ISAR1_API(id) >= ID_AA64ISAR1_API_FPAC_COMBINED) + printf("+COMBINED"); - if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_BASE) { + if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_PAC) { printf("%sAPA", sep); sep = ","; } - if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_PAC) - printf("+PAC"); + if (ID_AA64ISAR1_APA(id) == ID_AA64ISAR1_APA_EPAC) + printf("+EPAC"); + else if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_EPAC2) + printf("+EPAC2"); + if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_FPAC) + printf("+FPAC"); + if (ID_AA64ISAR1_APA(id) >= ID_AA64ISAR1_APA_FPAC_COMBINED) + printf("+COMBINED"); if (ID_AA64ISAR1_DPB(id) >= ID_AA64ISAR1_DPB_IMPL) { printf("%sDPB", sep); @@ -919,6 +931,24 @@ cpu_identify(struct cpu_info *ci) sep = ","; } + if (ID_AA64ISAR2_GPA3(id) >= ID_AA64ISAR2_GPA3_IMPL) { + printf("%sGPA3", sep); + sep = ","; + } + + if (ID_AA64ISAR2_APA3(id) >= ID_AA64ISAR2_APA3_PAC) { + printf("%sAPA3", sep); + sep = ","; + } + if (ID_AA64ISAR2_APA3(id) == ID_AA64ISAR2_APA3_EPAC) + printf("+EPAC"); + else if (ID_AA64ISAR2_APA3(id) >= ID_AA64ISAR2_APA3_EPAC2) + printf("+EPAC2"); + if (ID_AA64ISAR2_APA3(id) >= ID_AA64ISAR2_APA3_FPAC) + printf("+FPAC"); + if (ID_AA64ISAR2_APA3(id) >= ID_AA64ISAR2_APA3_FPAC_COMBINED) + printf("+COMBINED"); + if (ID_AA64ISAR2_RPRES(id) >= ID_AA64ISAR2_RPRES_IMPL) { printf("%sRPRES", sep); sep = ","; @@ -1220,8 +1250,8 @@ cpu_identify_cleanup(void) hwcap |= HWCAP_SSBS; if (ID_AA64ISAR1_SB(cpu_id_aa64isar1) >= ID_AA64ISAR1_SB_IMPL) hwcap |= HWCAP_SB; - if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_BASE || - ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) + if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC || + ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC) hwcap |= HWCAP_PACA; if (ID_AA64ISAR1_GPA(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPA_IMPL || ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL) @@ -1493,8 +1523,8 @@ cpu_init(void) __asm volatile (".arch armv8.4-a; msr dit, #1"); /* Enable PAuth. */ - if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_BASE || - ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { + if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC || + ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC) { sctlr = READ_SPECIALREG(sctlr_el1); sctlr |= SCTLR_EnIA | SCTLR_EnDA; sctlr |= SCTLR_EnIB | SCTLR_EnDB; diff --git a/sys/arch/arm64/arm64/pmap.c b/sys/arch/arm64/arm64/pmap.c index 1c66247b5..e53bc678c 100644 --- a/sys/arch/arm64/arm64/pmap.c +++ b/sys/arch/arm64/arm64/pmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmap.c,v 1.106 2025/01/18 16:35:30 kettenis Exp $ */ +/* $OpenBSD: pmap.c,v 1.107 2025/01/25 12:29:35 kettenis Exp $ */ /* * Copyright (c) 2008-2009,2014-2016 Dale Rahn * @@ -2316,8 +2316,8 @@ __attribute__((target("+pauth"))) void pmap_setpauthkeys(struct pmap *pm) { - if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_BASE || - ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { + if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC || + ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC) { __asm volatile ("msr apiakeylo_el1, %0" :: "r"(pm->pm_apiakey[0])); __asm volatile ("msr apiakeyhi_el1, %0" diff --git a/sys/arch/arm64/dev/agintc.c b/sys/arch/arm64/dev/agintc.c index 34f7c9ac0..e319198a2 100644 --- a/sys/arch/arm64/dev/agintc.c +++ b/sys/arch/arm64/dev/agintc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: agintc.c,v 1.61 2024/12/07 21:12:22 patrick Exp $ */ +/* $OpenBSD: agintc.c,v 1.62 2025/01/24 20:17:28 kettenis Exp $ */ /* * Copyright (c) 2007, 2009, 2011, 2017 Dale Rahn * Copyright (c) 2018 Mark Kettenis @@ -163,7 +163,7 @@ struct agintc_softc { bus_space_tag_t sc_iot; bus_space_handle_t sc_d_ioh; bus_space_handle_t *sc_r_ioh; - bus_space_handle_t sc_redist_base; + bus_space_handle_t *sc_rbase_ioh; bus_dma_tag_t sc_dmat; uint16_t *sc_processor; int sc_cpuremap[MAXCPUS]; @@ -178,6 +178,7 @@ struct agintc_softc { struct evcount sc_spur; int sc_ncells; int sc_num_redist; + int sc_num_redist_regions; struct agintc_dmamem *sc_prop; struct agintc_dmamem *sc_pend; struct interrupt_controller sc_ic; @@ -314,7 +315,7 @@ agintc_attach(struct device *parent, struct device *self, void *aux) uint32_t affinity; uint64_t redist_stride; int i, nbits, nintr; - int offset, nredist; + int idx, offset, nredist; #ifdef MULTIPROCESSOR int nipi, ipiirq[3]; #endif @@ -325,15 +326,23 @@ agintc_attach(struct device *parent, struct device *self, void *aux) sc->sc_iot = faa->fa_iot; sc->sc_dmat = faa->fa_dmat; - /* First row: distributor */ + sc->sc_num_redist_regions = + OF_getpropint(faa->fa_node, "#redistributor-regions", 1); + + if (faa->fa_nreg < sc->sc_num_redist_regions + 1) + panic("%s: missing registers", __func__); + if (bus_space_map(sc->sc_iot, faa->fa_reg[0].addr, faa->fa_reg[0].size, 0, &sc->sc_d_ioh)) - panic("%s: ICD bus_space_map failed!", __func__); + panic("%s: GICD bus_space_map failed", __func__); - /* Second row: redistributor */ - if (bus_space_map(sc->sc_iot, faa->fa_reg[1].addr, - faa->fa_reg[1].size, 0, &sc->sc_redist_base)) - panic("%s: ICP bus_space_map failed!", __func__); + sc->sc_rbase_ioh = mallocarray(sc->sc_num_redist_regions, + sizeof(*sc->sc_rbase_ioh), M_DEVBUF, M_WAITOK); + for (idx = 0; idx < sc->sc_num_redist_regions; idx++) { + if (bus_space_map(sc->sc_iot, faa->fa_reg[1 + idx].addr, + faa->fa_reg[1 + idx].size, 0, &sc->sc_rbase_ioh[idx])) + panic("%s: GICR bus_space_map failed", __func__); + } typer = bus_space_read_4(sc->sc_iot, sc->sc_d_ioh, GICD_TYPER); @@ -434,13 +443,14 @@ agintc_attach(struct device *parent, struct device *self, void *aux) agintc_sc = sc; /* save this for global access */ /* find the redistributors. */ + idx = 0; offset = 0; redist_stride = OF_getpropint64(faa->fa_node, "redistributor-stride", 0); - for (nredist = 0; ; nredist++) { + for (nredist = 0; idx < sc->sc_num_redist_regions; nredist++) { uint64_t typer; int32_t sz; - typer = bus_space_read_8(sc->sc_iot, sc->sc_redist_base, + typer = bus_space_read_8(sc->sc_iot, sc->sc_rbase_ioh[idx], offset + GICR_TYPER); if (redist_stride == 0) { @@ -455,13 +465,14 @@ agintc_attach(struct device *parent, struct device *self, void *aux) #endif offset += sz; - - if (typer & GICR_TYPER_LAST) { - sc->sc_num_redist = nredist + 1; - break; + if (offset >= faa->fa_reg[1 + idx].size || + typer & GICR_TYPER_LAST) { + offset = 0; + idx++; } } + sc->sc_num_redist = nredist; printf(" nirq %d nredist %d", nintr, sc->sc_num_redist); sc->sc_r_ioh = mallocarray(sc->sc_num_redist, @@ -470,12 +481,13 @@ agintc_attach(struct device *parent, struct device *self, void *aux) sizeof(*sc->sc_processor), M_DEVBUF, M_WAITOK); /* submap and configure the redistributors. */ + idx = 0; offset = 0; for (nredist = 0; nredist < sc->sc_num_redist; nredist++) { uint64_t typer; int32_t sz; - typer = bus_space_read_8(sc->sc_iot, sc->sc_redist_base, + typer = bus_space_read_8(sc->sc_iot, sc->sc_rbase_ioh[idx], offset + GICR_TYPER); if (redist_stride == 0) { @@ -486,7 +498,7 @@ agintc_attach(struct device *parent, struct device *self, void *aux) sz = redist_stride; affinity = bus_space_read_8(sc->sc_iot, - sc->sc_redist_base, offset + GICR_TYPER) >> 32; + sc->sc_rbase_ioh[idx], offset + GICR_TYPER) >> 32; CPU_INFO_FOREACH(cii, ci) { if (affinity == (((ci->ci_mpidr >> 8) & 0xff000000) | (ci->ci_mpidr & 0x00ffffff))) @@ -496,27 +508,32 @@ agintc_attach(struct device *parent, struct device *self, void *aux) sc->sc_cpuremap[ci->ci_cpuid] = nredist; sc->sc_processor[nredist] = bus_space_read_8(sc->sc_iot, - sc->sc_redist_base, offset + GICR_TYPER) >> 8; + sc->sc_rbase_ioh[idx], offset + GICR_TYPER) >> 8; - bus_space_subregion(sc->sc_iot, sc->sc_redist_base, + bus_space_subregion(sc->sc_iot, sc->sc_rbase_ioh[idx], offset, sz, &sc->sc_r_ioh[nredist]); if (sc->sc_nlpi > 0) { - bus_space_write_8(sc->sc_iot, sc->sc_redist_base, + bus_space_write_8(sc->sc_iot, sc->sc_rbase_ioh[idx], offset + GICR_PROPBASER, AGINTC_DMA_DVA(sc->sc_prop) | GICR_PROPBASER_ISH | GICR_PROPBASER_IC_NORM_NC | fls(LPI_BASE + sc->sc_nlpi - 1) - 1); - bus_space_write_8(sc->sc_iot, sc->sc_redist_base, + bus_space_write_8(sc->sc_iot, sc->sc_rbase_ioh[idx], offset + GICR_PENDBASER, AGINTC_DMA_DVA(sc->sc_pend) | GICR_PENDBASER_ISH | GICR_PENDBASER_IC_NORM_NC | GICR_PENDBASER_PTZ); - bus_space_write_4(sc->sc_iot, sc->sc_redist_base, + bus_space_write_4(sc->sc_iot, sc->sc_rbase_ioh[idx], offset + GICR_CTLR, GICR_CTLR_ENABLE_LPIS); } offset += sz; + if (offset >= faa->fa_reg[1 + idx].size || + typer & GICR_TYPER_LAST) { + offset = 0; + idx++; + } } /* Disable all interrupts, clear all pending */ @@ -696,7 +713,13 @@ unmap: if (sc->sc_prop) agintc_dmamem_free(sc->sc_dmat, sc->sc_prop); - bus_space_unmap(sc->sc_iot, sc->sc_redist_base, faa->fa_reg[1].size); + for (idx = 0; idx < sc->sc_num_redist_regions; idx++) { + bus_space_unmap(sc->sc_iot, sc->sc_rbase_ioh[idx], + faa->fa_reg[1 + idx].size); + } + free(sc->sc_rbase_ioh, M_DEVBUF, + sc->sc_num_redist_regions * sizeof(*sc->sc_rbase_ioh)); + bus_space_unmap(sc->sc_iot, sc->sc_d_ioh, faa->fa_reg[0].size); } diff --git a/sys/arch/arm64/include/armreg.h b/sys/arch/arm64/include/armreg.h index c7d33f515..0f1192736 100644 --- a/sys/arch/arm64/include/armreg.h +++ b/sys/arch/arm64/include/armreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: armreg.h,v 1.39 2024/11/08 04:40:34 jsg Exp $ */ +/* $OpenBSD: armreg.h,v 1.40 2025/01/25 12:29:35 kettenis Exp $ */ /*- * Copyright (c) 2013, 2014 Andrew Turner * Copyright (c) 2015 The FreeBSD Foundation @@ -368,14 +368,20 @@ #define ID_AA64ISAR1_APA_MASK (0xfULL << ID_AA64ISAR1_APA_SHIFT) #define ID_AA64ISAR1_APA(x) ((x) & ID_AA64ISAR1_APA_MASK) #define ID_AA64ISAR1_APA_NONE (0x0ULL << ID_AA64ISAR1_APA_SHIFT) -#define ID_AA64ISAR1_APA_BASE (0x1ULL << ID_AA64ISAR1_APA_SHIFT) -#define ID_AA64ISAR1_APA_PAC (0x2ULL << ID_AA64ISAR1_APA_SHIFT) +#define ID_AA64ISAR1_APA_PAC (0x1ULL << ID_AA64ISAR1_APA_SHIFT) +#define ID_AA64ISAR1_APA_EPAC (0x2ULL << ID_AA64ISAR1_APA_SHIFT) +#define ID_AA64ISAR1_APA_EPAC2 (0x3ULL << ID_AA64ISAR1_APA_SHIFT) +#define ID_AA64ISAR1_APA_FPAC (0x4ULL << ID_AA64ISAR1_APA_SHIFT) +#define ID_AA64ISAR1_APA_FPAC_COMBINED (0x5ULL << ID_AA64ISAR1_APA_SHIFT) #define ID_AA64ISAR1_API_SHIFT 8 #define ID_AA64ISAR1_API_MASK (0xfULL << ID_AA64ISAR1_API_SHIFT) #define ID_AA64ISAR1_API(x) ((x) & ID_AA64ISAR1_API_MASK) #define ID_AA64ISAR1_API_NONE (0x0ULL << ID_AA64ISAR1_API_SHIFT) -#define ID_AA64ISAR1_API_BASE (0x1ULL << ID_AA64ISAR1_API_SHIFT) -#define ID_AA64ISAR1_API_PAC (0x2ULL << ID_AA64ISAR1_API_SHIFT) +#define ID_AA64ISAR1_API_PAC (0x1ULL << ID_AA64ISAR1_API_SHIFT) +#define ID_AA64ISAR1_API_EPAC (0x2ULL << ID_AA64ISAR1_API_SHIFT) +#define ID_AA64ISAR1_API_EPAC2 (0x3ULL << ID_AA64ISAR1_API_SHIFT) +#define ID_AA64ISAR1_API_FPAC (0x4ULL << ID_AA64ISAR1_API_SHIFT) +#define ID_AA64ISAR1_API_FPAC_COMBINED (0x5ULL << ID_AA64ISAR1_API_SHIFT) #define ID_AA64ISAR1_JSCVT_SHIFT 12 #define ID_AA64ISAR1_JSCVT_MASK (0xfULL << ID_AA64ISAR1_JSCVT_SHIFT) #define ID_AA64ISAR1_JSCVT(x) ((x) & ID_AA64ISAR1_JSCVT_MASK) @@ -458,6 +464,22 @@ #define ID_AA64ISAR2_RPRES(x) ((x) & ID_AA64ISAR2_RPRES_MASK) #define ID_AA64ISAR2_RPRES_NONE (0x0ULL << ID_AA64ISAR2_RPRES_SHIFT) #define ID_AA64ISAR2_RPRES_IMPL (0x1ULL << ID_AA64ISAR2_RPRES_SHIFT) +#define ID_AA64ISAR2_GPA3_SHIFT 8 +#define ID_AA64ISAR2_GPA3_WIDTH 4 +#define ID_AA64ISAR2_GPA3_MASK (0xfULL << ID_AA64ISAR2_GPA3_SHIFT) +#define ID_AA64ISAR2_GPA3(x) ((x) & ID_AA64ISAR2_GPA3_MASK) +#define ID_AA64ISAR2_GPA3_NONE (0x0ULL << ID_AA64ISAR2_GPA3_SHIFT) +#define ID_AA64ISAR2_GPA3_IMPL (0x1ULL << ID_AA64ISAR2_GPA3_SHIFT) +#define ID_AA64ISAR2_APA3_SHIFT 12 +#define ID_AA64ISAR2_APA3_WIDTH 4 +#define ID_AA64ISAR2_APA3_MASK (0xfULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3(x) ((x) & ID_AA64ISAR2_APA3_MASK) +#define ID_AA64ISAR2_APA3_NONE (0x0ULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3_PAC (0x1ULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3_EPAC (0x2ULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3_EPAC2 (0x3ULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3_FPAC (0x4ULL << ID_AA64ISAR2_APA3_SHIFT) +#define ID_AA64ISAR2_APA3_FPAC_COMBINED (0x5ULL << ID_AA64ISAR2_APA3_SHIFT) #define ID_AA64ISAR2_MOPS_SHIFT 16 #define ID_AA64ISAR2_MOPS_MASK (0xfULL << ID_AA64ISAR2_MOPS_SHIFT) #define ID_AA64ISAR2_MOPS(x) ((x) & ID_AA64ISAR2_MOPS_MASK) diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 5234fd6aa..de95acf6b 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exec.c,v 1.259 2024/09/30 11:49:44 claudio Exp $ */ +/* $OpenBSD: kern_exec.c,v 1.260 2025/01/25 19:21:40 claudio Exp $ */ /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */ /*- @@ -748,7 +748,7 @@ sys_execve(struct proc *p, void *v, register_t *retval) atomic_clearbits_int(&p->p_p->ps_flags, PS_WXNEEDED); atomic_clearbits_int(&pr->ps_flags, PS_INEXEC); - single_thread_clear(p, P_SUSPSIG); + single_thread_clear(p); /* setregs() sets up all the registers, so just 'return' */ return EJUSTRETURN; @@ -775,7 +775,7 @@ bad: freehdr: free(pack.ep_hdr, M_EXEC, pack.ep_hdrlen); atomic_clearbits_int(&pr->ps_flags, PS_INEXEC); - single_thread_clear(p, P_SUSPSIG); + single_thread_clear(p); return (error); diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 9e3002a2b..8b5720c98 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sig.c,v 1.357 2025/01/22 16:13:09 claudio Exp $ */ +/* $OpenBSD: kern_sig.c,v 1.359 2025/01/25 19:21:40 claudio Exp $ */ /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ /* @@ -125,7 +125,7 @@ void proc_stop(struct proc *p, int); void proc_stop_sweep(void *); void *proc_stop_si; -void process_continue(struct proc *, int); +void process_continue(struct process *, int); void setsigctx(struct proc *, int, struct sigctx *); void postsig_done(struct proc *, int, sigset_t, int); @@ -1119,7 +1119,7 @@ ptsignal_locked(struct proc *p, int signum, enum signal_type type) unsleep(p); } - process_continue(p, P_SUSPSIG); + process_continue(pr, P_SUSPSIG); wakeparent = 1; goto out; } @@ -1509,26 +1509,25 @@ proc_trap(struct proc *p, int signum) signum = pr->ps_xsig; pr->ps_xsig = 0; if ((p->p_flag & P_TRACESINGLE) == 0) - single_thread_clear(p, 0); + single_thread_clear(p); atomic_clearbits_int(&p->p_flag, P_TRACESINGLE); return signum; } /* - * Continue all threads of a process that were stopped because of `flag'." + * Continue all threads of a process that were stopped because of `flag'. */ void -process_continue(struct proc *p, int flag) +process_continue(struct process *pr, int flag) { - struct process *pr = p->p_p; - struct proc *q; + struct proc *q, *p = NULL; MUTEX_ASSERT_LOCKED(&pr->ps_mtx); - /* wake all if called from a different process */ - if (curproc != p) - p = NULL; + /* skip curproc if it is part of pr */ + if (curproc->p_p == pr) + p = curproc; TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) { if (q == p) @@ -1537,20 +1536,27 @@ process_continue(struct proc *p, int flag) continue; atomic_clearbits_int(&q->p_flag, flag); - /* - * clearing either makes the thread runnable or puts - * it back into some sleep queue - */ /* * XXX in ptsignal the SCHED_LOCK is already held so we can't * grab it here until that is fixed. */ /* XXX SCHED_LOCK(); */ SCHED_ASSERT_LOCKED(); - if (q->p_wchan == NULL) - setrunnable(q); - else - q->p_stat = SSLEEP; + /* + * Stopping a process is not an atomic operation so + * it is possible that some threads are not stopped + * when process_continue is called. These threads + * need to be skipped. + * + * Clearing either makes the thread runnable or puts + * it back into some sleep queue. + */ + if (q->p_stat == SSTOP) { + if (q->p_wchan == NULL) + setrunnable(q); + else + q->p_stat = SSLEEP; + } /* XXX SCHED_UNLOCK(); */ } } @@ -2288,7 +2294,7 @@ single_thread_wait(struct process *pr, int recheck) } void -single_thread_clear(struct proc *p, int flag) +single_thread_clear(struct proc *p) { struct process *pr = p->p_p; @@ -2300,7 +2306,7 @@ single_thread_clear(struct proc *p, int flag) atomic_clearbits_int(&pr->ps_flags, PS_SINGLEUNWIND | PS_SINGLEEXIT); SCHED_LOCK(); - process_continue(p, P_SUSPSINGLE); + process_continue(pr, P_SUSPSINGLE); SCHED_UNLOCK(); mtx_leave(&pr->ps_mtx); diff --git a/sys/kern/subr_hibernate.c b/sys/kern/subr_hibernate.c index 061964f6b..3c5411ed1 100644 --- a/sys/kern/subr_hibernate.c +++ b/sys/kern/subr_hibernate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: subr_hibernate.c,v 1.151 2025/01/13 17:50:54 krw Exp $ */ +/* $OpenBSD: subr_hibernate.c,v 1.152 2025/01/24 18:13:29 krw Exp $ */ /* * Copyright (c) 2011 Ariane van der Steldt @@ -99,8 +99,6 @@ int hib_debug = 99; #define DNPRINTF(n,x...) #endif -#define ROUNDUP(_x, _y) ((((_x)+(_y)-1)/(_y))*(_y)) - #ifndef NO_PROPOLICE extern long __guard_local; #endif /* ! NO_PROPOLICE */ @@ -1609,7 +1607,7 @@ hibernate_write_chunks(union hibernate_info *hib) out_remaining = hibernate_state->hib_stream.avail_out; /* Round up to next sector if needed */ - used = ROUNDUP(2 * PAGE_SIZE - out_remaining, hib->sec_size); + used = roundup(2 * PAGE_SIZE - out_remaining, hib->sec_size); /* Write final block(s) for this chunk */ if ((err = hibernate_write(hib, blkctr, diff --git a/sys/kern/uipc_socket2.c b/sys/kern/uipc_socket2.c index b6572675a..2eee6d9d0 100644 --- a/sys/kern/uipc_socket2.c +++ b/sys/kern/uipc_socket2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket2.c,v 1.168 2025/01/22 15:05:49 mvs Exp $ */ +/* $OpenBSD: uipc_socket2.c,v 1.169 2025/01/25 22:06:41 bluhm Exp $ */ /* $NetBSD: uipc_socket2.c,v 1.11 1996/02/04 02:17:55 christos Exp $ */ /* @@ -237,8 +237,6 @@ sonewconn(struct socket *head, int connstatus, int wait) wakeup(&head->so_timeo); } - sounlock_nonet(so); - return (so); fail: diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index cb412e88b..78f5e4c79 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_usrreq.c,v 1.213 2025/01/20 16:34:48 bluhm Exp $ */ +/* $OpenBSD: uipc_usrreq.c,v 1.214 2025/01/25 22:06:41 bluhm Exp $ */ /* $NetBSD: uipc_usrreq.c,v 1.18 1996/02/09 19:00:50 christos Exp $ */ /* @@ -890,18 +890,17 @@ unp_connect(struct socket *so, struct mbuf *nam, struct proc *p) if ((so2->so_options & SO_ACCEPTCONN) == 0 || (so3 = sonewconn(so2, 0, M_WAIT)) == NULL) { + sounlock(so2); error = ECONNREFUSED; - } - - sounlock(so2); - - if (error != 0) goto put; + } /* * Since `so2' is protected by vnode(9) lock, `so3' * can't be PRU_ABORT'ed here. */ + sounlock(so2); + sounlock(so3); solock_pair(so, so3); unp2 = sotounpcb(so2); diff --git a/sys/net/if.c b/sys/net/if.c index 78bfeaa1b..3dceba451 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.724 2025/01/24 09:19:07 mvs Exp $ */ +/* $OpenBSD: if.c,v 1.725 2025/01/25 10:53:36 mvs Exp $ */ /* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */ /* @@ -3195,7 +3195,7 @@ if_getgrouplist(caddr_t data) NET_LOCK_SHARED(); TAILQ_FOREACH(ifg, &ifg_head, ifg_next) ifgr->ifgr_len += sizeof(ifgrq); - NET_LOCK_SHARED(); + NET_UNLOCK_SHARED(); return (0); } diff --git a/sys/net/if_wg.c b/sys/net/if_wg.c index 08f1216cf..2ec68e16c 100644 --- a/sys/net/if_wg.c +++ b/sys/net/if_wg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_wg.c,v 1.39 2024/10/31 12:33:11 claudio Exp $ */ +/* $OpenBSD: if_wg.c,v 1.40 2025/01/25 14:51:34 mvs Exp $ */ /* * Copyright (C) 2015-2020 Jason A. Donenfeld . All Rights Reserved. @@ -30,6 +30,7 @@ #include #include #include +#include #include #include @@ -70,8 +71,16 @@ #define NEW_HANDSHAKE_TIMEOUT (REKEY_TIMEOUT + KEEPALIVE_TIMEOUT) #define UNDERLOAD_TIMEOUT 1 -#define DPRINTF(sc, str, ...) do { if (ISSET((sc)->sc_if.if_flags, IFF_DEBUG))\ - printf("%s: " str, (sc)->sc_if.if_xname, ##__VA_ARGS__); } while (0) +#define WGPRINTF(loglevel, sc, mtx, fmt, ...) do { \ + if (ISSET((sc)->sc_if.if_flags, IFF_DEBUG)) { \ + if (mtx) \ + mtx_enter(mtx); \ + log(loglevel, "%s: " fmt, (sc)->sc_if.if_xname, \ + ##__VA_ARGS__); \ + if (mtx) \ + mtx_leave(mtx); \ + } \ +} while (0) #define CONTAINER_OF(ptr, type, member) ({ \ const __typeof( ((type *)0)->member ) *__mptr = (ptr); \ @@ -448,7 +457,7 @@ wg_peer_create(struct wg_softc *sc, uint8_t public[WG_KEY_SIZE]) sc->sc_peer_num++; rw_exit_write(&sc->sc_peer_lock); - DPRINTF(sc, "Peer %llu created\n", peer->p_id); + WGPRINTF(LOG_INFO, sc, NULL, "Peer %llu created\n", peer->p_id); return peer; } @@ -530,7 +539,7 @@ wg_peer_destroy(struct wg_peer *peer) if (!mq_empty(&peer->p_stage_queue)) mq_purge(&peer->p_stage_queue); - DPRINTF(sc, "Peer %llu destroyed\n", peer->p_id); + WGPRINTF(LOG_INFO, sc, NULL, "Peer %llu destroyed\n", peer->p_id); explicit_bzero(peer, sizeof(*peer)); pool_put(&wg_peer_pool, peer); } @@ -883,7 +892,8 @@ retry: } else { ret = wg_send(sc, e, m); if (ret != 0) - DPRINTF(sc, "Unable to send packet\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, + "Unable to send packet\n"); } } @@ -1144,23 +1154,29 @@ wg_timers_run_retry_handshake(void *_t) { struct wg_timers *t = _t; struct wg_peer *peer = CONTAINER_OF(t, struct wg_peer, p_timers); + char ipaddr[INET6_ADDRSTRLEN]; mtx_enter(&t->t_handshake_mtx); if (t->t_handshake_retries <= MAX_TIMER_HANDSHAKES) { t->t_handshake_retries++; mtx_leave(&t->t_handshake_mtx); - DPRINTF(peer->p_sc, "Handshake for peer %llu did not complete " - "after %d seconds, retrying (try %d)\n", peer->p_id, + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, + "Handshake for peer %llu (%s) did not complete after %d " + "seconds, retrying (try %d)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr)), REKEY_TIMEOUT, t->t_handshake_retries + 1); wg_peer_clear_src(peer); wg_timers_run_send_initiation(t, 1); } else { mtx_leave(&t->t_handshake_mtx); - DPRINTF(peer->p_sc, "Handshake for peer %llu did not complete " - "after %d retries, giving up\n", peer->p_id, - MAX_TIMER_HANDSHAKES + 2); + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, + "Handshake for peer %llu (%s) did not complete after %d " + "retries, giving up\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr)), MAX_TIMER_HANDSHAKES + 2); timeout_del(&t->t_send_keepalive); mq_purge(&peer->p_stage_queue); @@ -1188,10 +1204,13 @@ wg_timers_run_new_handshake(void *_t) { struct wg_timers *t = _t; struct wg_peer *peer = CONTAINER_OF(t, struct wg_peer, p_timers); + char ipaddr[INET6_ADDRSTRLEN]; - DPRINTF(peer->p_sc, "Retrying handshake with peer %llu because we " - "stopped hearing back after %d seconds\n", - peer->p_id, NEW_HANDSHAKE_TIMEOUT); + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, + "Retrying handshake with peer %llu (%s) because we " + "stopped hearing back after %d seconds\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr)), NEW_HANDSHAKE_TIMEOUT); wg_peer_clear_src(peer); wg_timers_run_send_initiation(t, 0); @@ -1202,8 +1221,12 @@ wg_timers_run_zero_key_material(void *_t) { struct wg_timers *t = _t; struct wg_peer *peer = CONTAINER_OF(t, struct wg_peer, p_timers); + char ipaddr[INET6_ADDRSTRLEN]; - DPRINTF(peer->p_sc, "Zeroing out keys for peer %llu\n", peer->p_id); + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, "Zeroing out " + "keys for peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); task_add(wg_handshake_taskq, &peer->p_clear_secrets); } @@ -1234,12 +1257,15 @@ wg_send_initiation(void *_peer) { struct wg_peer *peer = _peer; struct wg_pkt_initiation pkt; + char ipaddr[INET6_ADDRSTRLEN]; if (wg_timers_check_handshake_last_sent(&peer->p_timers) != ETIMEDOUT) return; - DPRINTF(peer->p_sc, "Sending handshake initiation to peer %llu\n", - peer->p_id); + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, "Sending " + "handshake initiation to peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); if (noise_create_initiation(&peer->p_remote, &pkt.s_idx, pkt.ue, pkt.es, pkt.ets) != 0) @@ -1255,9 +1281,12 @@ void wg_send_response(struct wg_peer *peer) { struct wg_pkt_response pkt; + char ipaddr[INET6_ADDRSTRLEN]; - DPRINTF(peer->p_sc, "Sending handshake response to peer %llu\n", - peer->p_id); + WGPRINTF(LOG_INFO, peer->p_sc, &peer->p_endpoint_mtx, "Sending " + "handshake response to peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); if (noise_create_response(&peer->p_remote, &pkt.s_idx, &pkt.r_idx, pkt.ue, pkt.en) != 0) @@ -1278,7 +1307,8 @@ wg_send_cookie(struct wg_softc *sc, struct cookie_macs *cm, uint32_t idx, { struct wg_pkt_cookie pkt; - DPRINTF(sc, "Sending cookie response for denied handshake message\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Sending cookie response for denied " + "handshake message\n"); pkt.t = WG_PKT_COOKIE; pkt.r_idx = idx; @@ -1341,6 +1371,7 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) struct noise_remote *remote; int res, underload = 0; static struct timeval wg_last_underload; /* microuptime */ + char ipaddr[INET6_ADDRSTRLEN]; if (mq_len(&sc->sc_handshake_queue) >= MAX_QUEUED_HANDSHAKES/8) { getmicrouptime(&wg_last_underload); @@ -1363,10 +1394,16 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) underload, &t->t_endpoint.e_remote.r_sa); if (res == EINVAL) { - DPRINTF(sc, "Invalid initiation MAC\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Invalid initiation " + "MAC from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } else if (res == ECONNREFUSED) { - DPRINTF(sc, "Handshake ratelimited\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Handshake " + "ratelimited from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } else if (res == EAGAIN) { wg_send_cookie(sc, &init->m, init->s_idx, @@ -1378,14 +1415,19 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) if (noise_consume_initiation(&sc->sc_local, &remote, init->s_idx, init->ue, init->es, init->ets) != 0) { - DPRINTF(sc, "Invalid handshake initiation\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Invalid handshake " + "initiation from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } peer = CONTAINER_OF(remote, struct wg_peer, p_remote); - DPRINTF(sc, "Receiving handshake initiation from peer %llu\n", - peer->p_id); + WGPRINTF(LOG_INFO, sc, NULL, "Receiving handshake initiation " + "from peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); wg_peer_counters_add(peer, 0, sizeof(*init)); wg_peer_set_endpoint_from_tag(peer, t); @@ -1399,10 +1441,16 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) underload, &t->t_endpoint.e_remote.r_sa); if (res == EINVAL) { - DPRINTF(sc, "Invalid response MAC\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Invalid response " + "MAC from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } else if (res == ECONNREFUSED) { - DPRINTF(sc, "Handshake ratelimited\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Handshake " + "ratelimited from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } else if (res == EAGAIN) { wg_send_cookie(sc, &resp->m, resp->s_idx, @@ -1413,7 +1461,10 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) } if ((remote = wg_index_get(sc, resp->r_idx)) == NULL) { - DPRINTF(sc, "Unknown handshake response\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Unknown " + "handshake response from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } @@ -1421,12 +1472,17 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) if (noise_consume_response(remote, resp->s_idx, resp->r_idx, resp->ue, resp->en) != 0) { - DPRINTF(sc, "Invalid handshake response\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Invalid handshake " + "response from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } - DPRINTF(sc, "Receiving handshake response from peer %llu\n", - peer->p_id); + WGPRINTF(LOG_INFO, sc, NULL, "Receiving handshake response " + "from peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); wg_peer_counters_add(peer, 0, sizeof(*resp)); wg_peer_set_endpoint_from_tag(peer, t); @@ -1439,7 +1495,10 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) cook = mtod(m, struct wg_pkt_cookie *); if ((remote = wg_index_get(sc, cook->r_idx)) == NULL) { - DPRINTF(sc, "Unknown cookie index\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Unknown cookie " + "index from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } @@ -1447,11 +1506,17 @@ wg_handshake(struct wg_softc *sc, struct mbuf *m) if (cookie_maker_consume_payload(&peer->p_cookie, cook->nonce, cook->ec) != 0) { - DPRINTF(sc, "Could not decrypt cookie response\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Could not decrypt " + "cookie response from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; } - DPRINTF(sc, "Receiving cookie response\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Receiving cookie response " + "from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); goto error; default: panic("invalid packet in handshake queue"); @@ -1505,6 +1570,7 @@ wg_encap(struct wg_softc *sc, struct mbuf *m) struct mbuf *mc; size_t padding_len, plaintext_len, out_len; uint64_t nonce; + char ipaddr[INET6_ADDRSTRLEN]; t = wg_tag_get(m); peer = t->t_peer; @@ -1558,8 +1624,10 @@ wg_encap(struct wg_softc *sc, struct mbuf *m) /* A packet with length 0 is a keepalive packet */ if (__predict_false(m->m_pkthdr.len == 0)) - DPRINTF(sc, "Sending keepalive packet to peer %llu\n", - peer->p_id); + WGPRINTF(LOG_DEBUG, sc, &peer->p_endpoint_mtx, "Sending " + "keepalive packet to peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); mc->m_pkthdr.ph_loopcnt = m->m_pkthdr.ph_loopcnt; mc->m_flags &= ~(M_MCAST | M_BCAST); @@ -1590,6 +1658,7 @@ wg_decap(struct wg_softc *sc, struct mbuf *m) struct wg_tag *t; size_t payload_len; uint64_t nonce; + char ipaddr[INET6_ADDRSTRLEN]; t = wg_tag_get(m); peer = t->t_peer; @@ -1631,8 +1700,10 @@ wg_decap(struct wg_softc *sc, struct mbuf *m) /* A packet with length 0 is a keepalive packet */ if (__predict_false(m->m_pkthdr.len == 0)) { - DPRINTF(sc, "Receiving keepalive packet from peer " - "%llu\n", peer->p_id); + WGPRINTF(LOG_DEBUG, sc, &peer->p_endpoint_mtx, "Receiving " + "keepalive packet from peer %llu (%s)\n", peer->p_id, + sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, + ipaddr, sizeof(ipaddr))); goto done; } @@ -1670,14 +1741,18 @@ wg_decap(struct wg_softc *sc, struct mbuf *m) allowed_peer = wg_aip_lookup(sc->sc_aip6, &ip6->ip6_src); #endif } else { - DPRINTF(sc, "Packet is neither ipv4 nor ipv6 from " - "peer %llu\n", peer->p_id); + WGPRINTF(LOG_WARNING, sc, &peer->p_endpoint_mtx, "Packet " + "is neither IPv4 nor IPv6 from peer %llu (%s)\n", + peer->p_id, sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, + ipaddr, sizeof(ipaddr))); goto error; } if (__predict_false(peer != allowed_peer)) { - DPRINTF(sc, "Packet has unallowed src IP from peer " - "%llu\n", peer->p_id); + WGPRINTF(LOG_WARNING, sc, &peer->p_endpoint_mtx, "Packet " + "has unallowed source IP from peer %llu (%s)\n", + peer->p_id, sockaddr_ntop(&peer->p_endpoint.e_remote.r_sa, + ipaddr, sizeof(ipaddr))); goto error; } @@ -2012,6 +2087,7 @@ wg_input(void *_sc, struct mbuf *m, struct ip *ip, struct ip6_hdr *ip6, struct wg_tag *t; struct wg_softc *sc = _sc; struct udphdr *uh = _uh; + char ipaddr[INET6_ADDRSTRLEN]; NET_ASSERT_LOCKED(); @@ -2059,7 +2135,10 @@ wg_input(void *_sc, struct mbuf *m, struct ip *ip, struct ip6_hdr *ip6, *mtod(m, uint32_t *) == WG_PKT_COOKIE)) { if (mq_enqueue(&sc->sc_handshake_queue, m) != 0) - DPRINTF(sc, "Dropping handshake packet\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Dropping handshake" + "packet from %s\n", + sockaddr_ntop(&t->t_endpoint.e_remote.r_sa, ipaddr, + sizeof(ipaddr))); task_add(wg_handshake_taskq, &sc->sc_handshake); } else if (m->m_pkthdr.len >= sizeof(struct wg_pkt_data) + @@ -2169,14 +2248,14 @@ wg_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa, af = peer->p_endpoint.e_remote.r_sa.sa_family; if (af != AF_INET && af != AF_INET6) { - DPRINTF(sc, "No valid endpoint has been configured or " - "discovered for peer %llu\n", peer->p_id); + WGPRINTF(LOG_DEBUG, sc, NULL, "No valid endpoint has been " + "configured or discovered for peer %llu\n", peer->p_id); ret = EDESTADDRREQ; goto error; } if (m->m_pkthdr.ph_loopcnt++ > M_MAXLOOP) { - DPRINTF(sc, "Packet looped\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "Packet looped\n"); ret = ELOOP; goto error; } @@ -2189,7 +2268,7 @@ wg_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa, * another aip_lookup in wg_qstart, or refcnting as mentioned before. */ if (m->m_pkthdr.pf.delay > 0) { - DPRINTF(sc, "PF delay unsupported\n"); + WGPRINTF(LOG_DEBUG, sc, NULL, "PF delay unsupported\n"); ret = EOPNOTSUPP; goto error; } @@ -2702,7 +2781,7 @@ wg_clone_create(struct if_clone *ifc, int unit) bpfattach(&ifp->if_bpf, ifp, DLT_LOOP, sizeof(uint32_t)); #endif - DPRINTF(sc, "Interface created\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Interface created\n"); return 0; ret_05: @@ -2745,7 +2824,7 @@ wg_clone_destroy(struct ifnet *ifp) wg_crypt_taskq = NULL; } - DPRINTF(sc, "Destroyed interface\n"); + WGPRINTF(LOG_INFO, sc, NULL, "Interface destroyed\n"); hashfree(sc->sc_index, HASHTABLE_INDEX_SIZE, M_DEVBUF); hashfree(sc->sc_peer, HASHTABLE_PEER_SIZE, M_DEVBUF); diff --git a/sys/net/pipex.c b/sys/net/pipex.c index 4135ebe80..d58b93da6 100644 --- a/sys/net/pipex.c +++ b/sys/net/pipex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.c,v 1.156 2024/09/27 00:38:49 yasuoka Exp $ */ +/* $OpenBSD: pipex.c,v 1.157 2025/01/25 02:06:40 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -1507,13 +1507,19 @@ pipex_pptp_lookup_session(struct mbuf *m0) /* lookup pipex session table */ id = ntohs(gre.call_id); session = pipex_lookup_by_session_id(PIPEX_PROTO_PPTP, id); -#ifdef PIPEX_DEBUG if (session == NULL) { PIPEX_DBG((NULL, LOG_DEBUG, "<%s> session not found (id=%d)", __func__, id)); goto not_ours; } -#endif + + if (!(session->peer.sa.sa_family == AF_INET && + session->peer.sin4.sin_addr.s_addr == ip.ip_src.s_addr)) { + PIPEX_DBG((NULL, LOG_DEBUG, + "<%s> the source address of the session is not matched", + __func__)); + goto not_ours; + } return (session); @@ -1970,11 +1976,12 @@ drop: } struct pipex_session * -pipex_l2tp_lookup_session(struct mbuf *m0, int off) +pipex_l2tp_lookup_session(struct mbuf *m0, int off, struct sockaddr *sasrc) { struct pipex_session *session; uint16_t flags, session_id, ver; u_char *cp, buf[PIPEX_L2TP_MINLEN]; + int srcmatch = 0; if (m0->m_pkthdr.len < off + PIPEX_L2TP_MINLEN) { PIPEX_DBG((NULL, LOG_DEBUG, @@ -2004,13 +2011,33 @@ pipex_l2tp_lookup_session(struct mbuf *m0, int off) /* lookup pipex session table */ session = pipex_lookup_by_session_id(PIPEX_PROTO_L2TP, session_id); -#ifdef PIPEX_DEBUG if (session == NULL) { PIPEX_DBG((NULL, LOG_DEBUG, "<%s> session not found (id=%d)", __func__, session_id)); goto not_ours; } + switch (sasrc->sa_family) { + case AF_INET: + if (session->peer.sa.sa_family == AF_INET && + session->peer.sin4.sin_addr.s_addr == + ((struct sockaddr_in *)sasrc)->sin_addr.s_addr) + srcmatch = 1; + break; +#ifdef INET6 + case AF_INET6: + if (session->peer.sa.sa_family == AF_INET6 && + IN6_ARE_ADDR_EQUAL(&session->peer.sin6.sin6_addr, + &((struct sockaddr_in6 *)sasrc)->sin6_addr)) + srcmatch = 1; + break; #endif + } + if (!srcmatch) { + PIPEX_DBG((NULL, LOG_DEBUG, + "<%s> the source address of the session is not matched", + __func__)); + goto not_ours; + } return (session); diff --git a/sys/net/pipex.h b/sys/net/pipex.h index 4fbb56ff7..7b77a2723 100644 --- a/sys/net/pipex.h +++ b/sys/net/pipex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.h,v 1.33 2022/07/12 08:58:53 mvs Exp $ */ +/* $OpenBSD: pipex.h,v 1.34 2025/01/25 02:06:40 yasuoka Exp $ */ /* * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -171,28 +171,38 @@ extern int pipex_enable; struct pipex_session; __BEGIN_DECLS -void pipex_init (void); - -struct pipex_session *pipex_pppoe_lookup_session (struct mbuf *); -struct mbuf *pipex_pppoe_input (struct mbuf *, struct pipex_session *); -struct pipex_session *pipex_pptp_lookup_session (struct mbuf *); -struct mbuf *pipex_pptp_input (struct mbuf *, struct pipex_session *); -struct pipex_session *pipex_pptp_userland_lookup_session_ipv4 (struct mbuf *, struct in_addr); -struct pipex_session *pipex_pptp_userland_lookup_session_ipv6 (struct mbuf *, struct in6_addr); -struct pipex_session *pipex_l2tp_userland_lookup_session(struct mbuf *, struct sockaddr *); -struct mbuf *pipex_pptp_userland_output (struct mbuf *, struct pipex_session *); -struct pipex_session *pipex_l2tp_lookup_session (struct mbuf *, int); -struct mbuf *pipex_l2tp_input (struct mbuf *, int off, struct pipex_session *, uint32_t); -struct pipex_session *pipex_l2tp_userland_lookup_session_ipv4 (struct mbuf *, struct in_addr); -struct pipex_session *pipex_l2tp_userland_lookup_session_ipv6 (struct mbuf *, struct in6_addr); -struct mbuf *pipex_l2tp_userland_output (struct mbuf *, struct pipex_session *); -void pipex_rele_session(struct pipex_session *); -int pipex_ioctl (void *, u_long, caddr_t); -void pipex_session_init_mppe_recv(struct pipex_session *, int, -int, u_char *); -void pipex_session_init_mppe_send(struct pipex_session *, int, -int, u_char *); +void pipex_init(void); +struct pipex_session *pipex_pppoe_lookup_session(struct mbuf *); +struct mbuf *pipex_pppoe_input(struct mbuf *, + struct pipex_session *); +struct pipex_session *pipex_pptp_lookup_session(struct mbuf *); +struct mbuf *pipex_pptp_input(struct mbuf *, + struct pipex_session *); +struct pipex_session *pipex_pptp_userland_lookup_session_ipv4(struct mbuf *, + struct in_addr); +struct pipex_session *pipex_pptp_userland_lookup_session_ipv6(struct mbuf *, + struct in6_addr); +struct pipex_session *pipex_l2tp_userland_lookup_session(struct mbuf *, + struct sockaddr *); +struct mbuf *pipex_pptp_userland_output(struct mbuf *, + struct pipex_session *); +struct pipex_session *pipex_l2tp_lookup_session(struct mbuf *, int, + struct sockaddr *); +struct mbuf *pipex_l2tp_input(struct mbuf *, int off, + struct pipex_session *, uint32_t); +struct pipex_session *pipex_l2tp_userland_lookup_session_ipv4(struct mbuf *, + struct in_addr); +struct pipex_session *pipex_l2tp_userland_lookup_session_ipv6(struct mbuf *, + struct in6_addr); +struct mbuf *pipex_l2tp_userland_output(struct mbuf *, + struct pipex_session *); +void pipex_rele_session(struct pipex_session *); +int pipex_ioctl(void *, u_long, caddr_t); +void pipex_session_init_mppe_recv(struct pipex_session *, + int, int, u_char *); +void pipex_session_init_mppe_send(struct pipex_session *, + int, int, u_char *); __END_DECLS #endif /* _KERNEL */ diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 02f1f2c46..60a3fb5c6 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.423 2025/01/16 11:59:20 bluhm Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.425 2025/01/25 23:55:32 bluhm Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -3532,16 +3532,18 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, { struct syn_cache *sc; struct syn_cache_head *scp; - struct inpcb *inp, *oldinp; + struct socket *listenso; + struct inpcb *inp, *listeninp; struct tcpcb *tp = NULL; struct mbuf *am; - struct socket *oso; u_int rtableid; NET_ASSERT_LOCKED(); + inp = sotoinpcb(so); + mtx_enter(&syn_cache_mtx); - sc = syn_cache_lookup(src, dst, &scp, sotoinpcb(so)->inp_rtableid); + sc = syn_cache_lookup(src, dst, &scp, inp->inp_rtableid); if (sc == NULL) { mtx_leave(&syn_cache_mtx); return (NULL); @@ -3571,34 +3573,35 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, * connection when the SYN arrived. If we can't create * the connection, abort it. */ - oso = so; - so = sonewconn(so, SS_ISCONNECTED, M_DONTWAIT); + listenso = so; + listeninp = inp; + so = sonewconn(listenso, SS_ISCONNECTED, M_DONTWAIT); if (so == NULL) goto resetandabort; - - oldinp = sotoinpcb(oso); + soassertlocked(so); + soref(so); inp = sotoinpcb(so); + tp = intotcpcb(inp); #ifdef IPSEC /* - * We need to copy the required security levels - * from the old pcb. Ditto for any other - * IPsec-related information. + * We need to copy the required security levels from the listen pcb. + * Ditto for any other IPsec-related information. */ - inp->inp_seclevel = oldinp->inp_seclevel; + inp->inp_seclevel = listeninp->inp_seclevel; #endif /* IPSEC */ #ifdef INET6 if (ISSET(inp->inp_flags, INP_IPV6)) { - KASSERT(ISSET(oldinp->inp_flags, INP_IPV6)); + KASSERT(ISSET(listeninp->inp_flags, INP_IPV6)); - inp->inp_ipv6.ip6_hlim = oldinp->inp_ipv6.ip6_hlim; - inp->inp_hops = oldinp->inp_hops; + inp->inp_ipv6.ip6_hlim = listeninp->inp_ipv6.ip6_hlim; + inp->inp_hops = listeninp->inp_hops; } else #endif { - KASSERT(!ISSET(oldinp->inp_flags, INP_IPV6)); + KASSERT(!ISSET(listeninp->inp_flags, INP_IPV6)); - inp->inp_ip.ip_ttl = oldinp->inp_ip.ip_ttl; + inp->inp_ip.ip_ttl = listeninp->inp_ip.ip_ttl; inp->inp_options = ip_srcroute(m); if (inp->inp_options == NULL) { inp->inp_options = sc->sc_ipopts; @@ -3636,8 +3639,7 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, } (void) m_free(am); - tp = intotcpcb(inp); - tp->t_flags = sototcpcb(oso)->t_flags & (TF_NOPUSH|TF_NODELAY); + tp->t_flags = intotcpcb(listeninp)->t_flags & (TF_NOPUSH|TF_NODELAY); if (sc->sc_request_r_scale != 15) { tp->requested_s_scale = sc->sc_requested_s_scale; tp->request_r_scale = sc->sc_request_r_scale; @@ -3649,7 +3651,6 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, tp->t_template = tcp_template(tp); if (tp->t_template == 0) { tp = tcp_drop(tp, ENOBUFS); /* destroys socket */ - so = NULL; goto abort; } tp->sack_enable = ISSET(sc->sc_fixflags, SCF_SACK_PERMIT); @@ -3700,6 +3701,7 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, tp->rcv_adv = tp->rcv_nxt + sc->sc_win; tp->last_ack_sent = tp->rcv_nxt; + in_pcbsounlock_rele(inp, so); tcpstat_inc(tcps_sc_completed); syn_cache_put(sc); return (so); @@ -3707,10 +3709,11 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, resetandabort: tcp_respond(NULL, mtod(m, caddr_t), th, (tcp_seq)0, th->th_ack, TH_RST, m->m_pkthdr.ph_rtableid, now); -abort: - m_freem(m); if (so != NULL) soabort(so); +abort: + m_freem(m); + in_pcbsounlock_rele(inp, so); syn_cache_put(sc); tcpstat_inc(tcps_sc_aborted); return ((struct socket *)(-1)); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 4883619fd..9721b2cf2 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.329 2025/01/01 13:44:22 bluhm Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.330 2025/01/25 02:06:40 yasuoka Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -619,7 +619,8 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) struct pipex_session *session; int off = iphlen + sizeof(struct udphdr); - if ((session = pipex_l2tp_lookup_session(m, off)) != NULL) { + if ((session = pipex_l2tp_lookup_session(m, off, &srcsa.sa)) + != NULL) { m = *mp = pipex_l2tp_input(m, off, session, ipsecflowinfo); pipex_rele_session(session); diff --git a/sys/sys/proc.h b/sys/sys/proc.h index c27df3709..7506bc2a7 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.h,v 1.377 2024/12/17 14:45:00 claudio Exp $ */ +/* $OpenBSD: proc.h,v 1.378 2025/01/25 19:21:40 claudio Exp $ */ /* $NetBSD: proc.h,v 1.44 1996/04/22 01:23:21 christos Exp $ */ /*- @@ -600,7 +600,7 @@ refreshcreds(struct proc *p) int single_thread_set(struct proc *, int); int single_thread_wait(struct process *, int); -void single_thread_clear(struct proc *, int); +void single_thread_clear(struct proc *); int single_thread_check(struct proc *, int); void child_return(void *); diff --git a/sys/uvm/uvm_pdaemon.c b/sys/uvm/uvm_pdaemon.c index 13e920daa..62a323c99 100644 --- a/sys/uvm/uvm_pdaemon.c +++ b/sys/uvm/uvm_pdaemon.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_pdaemon.c,v 1.133 2024/12/27 12:04:40 mpi Exp $ */ +/* $OpenBSD: uvm_pdaemon.c,v 1.134 2025/01/25 08:55:52 mpi Exp $ */ /* $NetBSD: uvm_pdaemon.c,v 1.23 2000/08/20 10:24:14 bjh21 Exp $ */ /* @@ -848,7 +848,6 @@ uvmpd_scan_inactive(struct uvm_pmalloc *pma, int shortage) anon->an_page = NULL; p->uanon = NULL; - rw_exit(anon->an_lock); uvm_anfree(anon); /* kills anon */ pmap_page_protect(p, PROT_NONE); anon = NULL; diff --git a/usr.bin/mandoc/mandoc.css b/usr.bin/mandoc/mandoc.css index 6bfce467d..a2c5ae4be 100644 --- a/usr.bin/mandoc/mandoc.css +++ b/usr.bin/mandoc/mandoc.css @@ -1,4 +1,4 @@ -/* $OpenBSD: mandoc.css,v 1.39 2022/07/06 14:27:55 schwarze Exp $ */ +/* $OpenBSD: mandoc.css,v 1.41 2025/01/25 03:17:11 schwarze Exp $ */ /* * Standard style sheet for mandoc(1) -Thtml and man.cgi(8). * @@ -179,7 +179,8 @@ h3.Ss { margin-top: 1.2em; .RsP { } .RsQ { } .RsR { } -.RsT { text-decoration: underline; } +.RsT { font-style: normal; + font-weight: normal; } .RsU { } .RsV { } diff --git a/usr.bin/mandoc/mdoc_html.c b/usr.bin/mandoc/mdoc_html.c index 093e9d9e7..778c66a75 100644 --- a/usr.bin/mandoc/mdoc_html.c +++ b/usr.bin/mandoc/mdoc_html.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mdoc_html.c,v 1.226 2025/01/19 16:36:24 schwarze Exp $ */ +/* $OpenBSD: mdoc_html.c,v 1.228 2025/01/25 00:19:23 schwarze Exp $ */ /* * Copyright (c) 2014-2022, 2025 Ingo Schwarze * Copyright (c) 2008-2011, 2014 Kristaps Dzonsons @@ -1454,7 +1454,7 @@ mdoc_rs_pre(MDOC_ARGS) case ROFFT_BODY: if (n->sec == SEC_SEE_ALSO) print_otag(h, TAG_P, "c", "Pp"); - print_otag(h, TAG_CITE, "c", "Rs"); + print_otag(h, TAG_SPAN, "c", "Rs"); break; default: abort(); @@ -1508,7 +1508,7 @@ mdoc__x_pre(MDOC_ARGS) print_text(h, "and"); break; case MDOC__B: - t = TAG_I; + t = TAG_CITE; cattr = "RsB"; break; case MDOC__C: @@ -1553,7 +1553,14 @@ mdoc__x_pre(MDOC_ARGS) cattr = "RsR"; break; case MDOC__T: - cattr = "RsT"; + t = TAG_CITE; + if (n->parent != NULL && n->parent->tok == MDOC_Rs && + n->parent->norm->Rs.quote_T) { + print_text(h, "\\(lq"); + h->flags |= HTML_NOSPACE; + cattr = "RsT"; + } else + cattr = "RsB"; break; case MDOC__U: print_otag(h, TAG_A, "ch", "RsU", arg); @@ -1574,14 +1581,23 @@ mdoc__x_post(MDOC_ARGS) { struct roff_node *nn; - if (n->tok == MDOC__A && - (nn = roff_node_next(n)) != NULL && nn->tok == MDOC__A && - ((nn = roff_node_next(nn)) == NULL || nn->tok != MDOC__A) && - ((nn = roff_node_prev(n)) == NULL || nn->tok != MDOC__A)) - return; - - /* TODO: %U */ - + switch (n->tok) { + case MDOC__A: + if ((nn = roff_node_next(n)) != NULL && nn->tok == MDOC__A && + ((nn = roff_node_next(nn)) == NULL || nn->tok != MDOC__A) && + ((nn = roff_node_prev(n)) == NULL || nn->tok != MDOC__A)) + return; + break; + case MDOC__T: + if (n->parent != NULL && n->parent->tok == MDOC_Rs && + n->parent->norm->Rs.quote_T) { + h->flags |= HTML_NOSPACE; + print_text(h, "\\(rq"); + } + break; + default: + break; + } if (n->parent == NULL || n->parent->tok != MDOC_Rs) return; diff --git a/usr.bin/mandoc/mdoc_man.c b/usr.bin/mandoc/mdoc_man.c index 66ffef456..b7249e9c5 100644 --- a/usr.bin/mandoc/mdoc_man.c +++ b/usr.bin/mandoc/mdoc_man.c @@ -1,6 +1,6 @@ -/* $OpenBSD: mdoc_man.c,v 1.136 2022/12/26 19:16:02 jmc Exp $ */ +/* $OpenBSD: mdoc_man.c,v 1.137 2025/01/24 22:36:51 schwarze Exp $ */ /* - * Copyright (c) 2011-2021 Ingo Schwarze + * Copyright (c) 2011-2021, 2025 Ingo Schwarze * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -794,6 +794,9 @@ post_percent(DECL_ARGS) if (mdoc_man_act(n->tok)->pre == pre_em) font_pop(); + if (n->parent == NULL || n->parent->tok != MDOC_Rs) + return; + if ((nn = roff_node_next(n)) != NULL) { np = roff_node_prev(n); nnn = nn == NULL ? NULL : roff_node_next(nn); diff --git a/usr.sbin/bgpd/kroute.c b/usr.sbin/bgpd/kroute.c index a806ae8a0..651a92a20 100644 --- a/usr.sbin/bgpd/kroute.c +++ b/usr.sbin/bgpd/kroute.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kroute.c,v 1.310 2024/09/04 15:06:36 claudio Exp $ */ +/* $OpenBSD: kroute.c,v 1.311 2025/01/25 09:49:05 denis Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -476,6 +476,9 @@ kr_change(u_int rtableid, struct kroute_full *kf) return (krVPN4_change(kt, kf)); case AID_VPN_IPv6: return (krVPN6_change(kt, kf)); + case AID_EVPN: + /* XXX ignored for now */ + return (0); } log_warnx("%s: not handled AID", __func__); return (-1); @@ -1896,6 +1899,9 @@ kroute_remove(struct ktable *kt, struct kroute_full *kf, int any) case AID_VPN_IPv6: multipath = kroute6_remove(kt, kf, any); break; + case AID_EVPN: + /* XXX ignored for now */ + return (0); default: log_warnx("%s: not handled AID", __func__); return (-1); diff --git a/usr.sbin/bgpd/rtr_proto.c b/usr.sbin/bgpd/rtr_proto.c index 2fba7ea99..8631bfc90 100644 --- a/usr.sbin/bgpd/rtr_proto.c +++ b/usr.sbin/bgpd/rtr_proto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rtr_proto.c,v 1.48 2025/01/09 12:07:49 claudio Exp $ */ +/* $OpenBSD: rtr_proto.c,v 1.49 2025/01/25 07:23:30 claudio Exp $ */ /* * Copyright (c) 2020 Claudio Jeker @@ -827,8 +827,10 @@ rtr_parse_aspa(struct rtr_session *rs, struct ibuf *pdu) return -1; } for (i = 0; i < cnt; i++) { - if (ibuf_get_n32(pdu, &aspa->tas[i]) == -1) + if (ibuf_get_n32(pdu, &aspa->tas[i]) == -1) { + free_aspa(aspa); goto badlen; + } } }