sync

etc/skel/dot.profile

@@ -3,4 +3,5 @@
 # sh/ksh initialization
 
 PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin
+export PS1="\[\033[38;5;69m\]┌─(\[\033[38;5;15m\]\u\[\033[38;5;69m\]@\[\033[38;5;15m\]\h\[\033[38;5;69m\])\[\033[38;5;69m\]─[\[\033[38;5;69m\]\w\[\033[38;5;69m\]]\n\[\033[38;5;69m\]└─$\[$(tput sgr0)\] "
 export PATH HOME TERM

lib/libz/infback.c

@@ -46,7 +46,7 @@ int ZEXPORT inflateBackInit_(z_streamp strm, int windowBits,
 #ifdef Z_SOLO
         return Z_STREAM_ERROR;
 #else
-    strm->zfree = zcfree;
+        strm->zfree = zcfree;
 #endif
     state = (struct inflate_state FAR *)ZALLOC(strm, 1,
                                                sizeof(struct inflate_state));

regress/sys/netinet/frag/frag_adjhole.py

@@ -0,0 +1,57 @@
+#!/usr/local/bin/python3
+
+print("overlapping ping fragments which modifies pf hole counter")
+
+# |--------|
+#          |--------|
+#      |-------|
+#                   |----|
+
+import os
+from addr import *
+from scapy.all import *
+
+pid=os.getpid()
+eid=pid & 0xffff
+payload=b"ABCDEFGHIJKLMNOP" * 2
+packet=IP(src=LOCAL_ADDR, dst=REMOTE_ADDR)/ \
+    ICMP(type='echo-request', id=eid)/payload
+frag=[]
+fid=pid & 0xffff
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    flags='MF')/bytes(packet)[20:36])
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=2, flags='MF')/bytes(packet)[36:52])
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=1, flags='MF')/bytes(packet)[28:44])
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=4)/bytes(packet)[52:60])
+eth=[]
+for f in frag:
+	eth.append(Ether(src=LOCAL_MAC, dst=REMOTE_MAC)/f)
+
+if os.fork() == 0:
+	time.sleep(1)
+	sendp(eth, iface=LOCAL_IF)
+	os._exit(0)
+
+ans=sniff(iface=LOCAL_IF, timeout=3, filter=
+    "ip and src "+REMOTE_ADDR+" and dst "+LOCAL_ADDR+" and icmp")
+for a in ans:
+	if a and a.type == ETH_P_IP and \
+	    a.payload.proto == 1 and \
+	    a.payload.frag == 0 and a.payload.flags == 0 and \
+	    icmptypes[a.payload.payload.type] == 'echo-reply':
+		id=a.payload.payload.id
+		print("id=%#x" % (id))
+		if id != eid:
+			print("WRONG ECHO REPLY ID")
+			exit(2)
+		data=a.payload.payload.payload.load
+		print("payload=%s" % (data))
+		if data == payload:
+			exit(0)
+		print("PAYLOAD!=%s" % (payload))
+		exit(1)
+print("NO ECHO REPLY")
+exit(2)

regress/sys/netinet/frag/frag_overhole.py

@@ -0,0 +1,82 @@
+#!/usr/local/bin/python3
+
+print("ping fragment at index boundary which modifies pf hole counter")
+
+#                               index boundary 4096 |
+# |--------------|
+#                 ....
+#                     |--------------|
+#                                    |----------|
+#                                               |XXXX----------|
+#                                          |XXXX----|
+#                                                               |---|
+
+# this should trigger "frag tail overlap %d" and "frag head overlap %d"
+
+import os
+from addr import *
+from scapy.all import *
+
+pid=os.getpid()
+eid=pid & 0xffff
+payload=b"ABCDEFGHIJKLMNOP"
+dummy=b"01234567"
+fragsize=1024
+boundary=4096
+fragnum=int(boundary/fragsize)
+packet=IP(src=LOCAL_ADDR, dst=REMOTE_ADDR)/ \
+    ICMP(type='echo-request', id=eid)/ \
+    ((int((boundary+fragsize)/len(payload)) + 1) * payload)
+packet_length=len(packet)
+frag=[]
+fid=pid & 0xffff
+for i in range(fragnum-1):
+	frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+	    frag=(i*fragsize)>>3, flags='MF')/
+	    bytes(packet)[20+i*fragsize:20+(i+1)*fragsize])
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=(boundary-fragsize)>>3, flags='MF')/
+    bytes(packet)[20+boundary-fragsize:20+boundary-len(dummy)])
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=(boundary-len(dummy))>>3, flags='MF')/
+    (dummy+bytes(packet)[20+boundary:20+boundary+fragsize]))
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=(boundary-8-len(dummy))>>3, flags='MF')/
+    (dummy+bytes(packet)[20+boundary-8:20+boundary]))
+frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid,
+    frag=(boundary+fragsize)>>3)/bytes(packet)[20+boundary+fragsize:])
+eth=[]
+for f in frag:
+	eth.append(Ether(src=LOCAL_MAC, dst=REMOTE_MAC)/f)
+
+if os.fork() == 0:
+	time.sleep(1)
+	for e in eth:
+		sendp(e, iface=LOCAL_IF)
+		time.sleep(0.001)
+	os._exit(0)
+
+ans=sniff(iface=LOCAL_IF, timeout=3, filter=
+    "ip and src "+REMOTE_ADDR+" and dst "+LOCAL_ADDR+" and icmp")
+for a in ans:
+	if a and a.type == ETH_P_IP and \
+	    a.payload.proto == 1 and \
+	    a.payload.frag == 0 and \
+	    icmptypes[a.payload.payload.type] == 'echo-reply':
+		id=a.payload.payload.id
+		print("id=%#x" % (id))
+		if id != eid:
+			print("WRONG ECHO REPLY ID")
+			exit(2)
+	if a and a.type == ETH_P_IP and \
+	    a.payload.proto == 1 and \
+	    a.payload.frag > 0 and \
+	    a.payload.flags == '':
+		len=(a.payload.frag<<3)+a.payload.len
+		print("len=%d" % (len))
+		if len != packet_length:
+			print("WRONG ECHO REPLY LENGTH")
+			exit(1)
+		exit(0)
+print("NO ECHO REPLY")
+exit(1)

regress/sys/netinet/frag/frag_overindex.py

@@ -9,8 +9,6 @@ print("ping fragment that overlaps the first fragment at index boundary")
 #                                              |XXXX-----|
 #                                    |--------------|
 
-# this should trigger "frag index %d, new %d" log in kernel
-
 import os
 from addr import *
 from scapy.all import *
@@ -25,6 +23,7 @@ fragnum=int(boundary/fragsize)
 packet=IP(src=LOCAL_ADDR, dst=REMOTE_ADDR)/ \
     ICMP(type='echo-request', id=eid)/ \
     (int((boundary+8)/len(payload)) * payload)
+packet_length=len(packet)
 frag=[]
 fid=pid & 0xffff
 for i in range(fragnum-1):
@@ -60,6 +59,15 @@ for a in ans:
 		if id != eid:
 			print("WRONG ECHO REPLY ID")
 			exit(2)
+	if a and a.type == ETH_P_IP and \
+	    a.payload.proto == 1 and \
+	    a.payload.frag > 0 and \
+	    a.payload.flags == '':
+		len=(a.payload.frag<<3)+a.payload.len
+		print("len=%d" % (len))
+		if len != packet_length:
+			print("WRONG ECHO REPLY LENGTH")
+			exit(1)
 		exit(0)
 print("NO ECHO REPLY")
 exit(1)

regress/sys/netinet/frag/frag_overlimit.py

@@ -11,8 +11,6 @@ print("ping fragment at index boundary that cannot be requeued")
 #                                              |XXXX-----|
 #                                    |--------------|
 
-# this should trigger "fragment requeue limit exceeded" log in kernel
-
 import os
 from itertools import chain
 from addr import *

regress/sys/netinet/frag/frag_overreplace.py

@@ -26,6 +26,7 @@ fragnum=int(boundary/fragsize)
 packet=IP(src=LOCAL_ADDR, dst=REMOTE_ADDR)/ \
     ICMP(type='echo-request', id=eid)/ \
     (int((boundary+fragsize)/len(payload)) * payload)
+packet_length=len(packet)
 frag=[]
 fid=pid & 0xffff
 for i in range(fragnum-1):
@@ -63,6 +64,15 @@ for a in ans:
 		if id != eid:
 			print("WRONG ECHO REPLY ID")
 			exit(2)
+	if a and a.type == ETH_P_IP and \
+	    a.payload.proto == 1 and \
+	    a.payload.frag > 0 and \
+	    a.payload.flags == '':
+		len=(a.payload.frag<<3)+a.payload.len
+		print("len=%d" % (len))
+		if len != packet_length:
+			print("WRONG ECHO REPLY LENGTH")
+			exit(1)
 		exit(0)
 print("NO ECHO REPLY")
 exit(1)

sys/arch/amd64/amd64/locore.S

@@ -1,4 +1,4 @@
-/*	$OpenBSD: locore.S,v 1.148 2024/08/02 22:24:51 guenther Exp $	*/
+/*	$OpenBSD: locore.S,v 1.150 2025/02/02 05:45:20 guenther Exp $	*/
 /*	$NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $	*/
 
 /*
@@ -882,8 +882,30 @@ KTEXT_PAGE_START
 0:	pause
 	lfence
 	jmp	0b
-	.space	(.Liretq_swapgs - XUsyscall_meltdown) - \
+.LKiretq_swapgs:
-		(. - Xsyscall_meltdown), 0xcc
+	/*
+	 * The desired directive here would be:
+	 *	.space	(.Liretq_swapgs - XUsyscall_meltdown) - \
+	 *		(.LKiretq_swapgs - Xsyscall_meltdown), 0xcc
+	 *
+	 * While llvm-18 and earlier handled that, llvm/clang-19 miscalculates
+	 * it and thinks that's a negative number; it's not: the correct value
+	 * at this time is "2".  Indeed, it calculates the value correctly if
+	 * you append this bit to the end of locore.S:
+	 *	.section .rodata
+	 *	right_value:
+	 *	.quad	(.Liretq_swapgs - XUsyscall_meltdown) - \
+	 *		(.LKiretq_swapgs - Xsyscall_meltdown)
+	 * You can build locore.o manually, use objdump on it, and see what
+	 * value was stored at 'right_value'!  So compiler updates go.
+	 * Fortunately(?), this has broken before so the kernel Makefile
+	 * checks the compiled locore.o to verify that the iretq instructions
+	 * line up (that being the most critical part of what matters).  If
+	 * the intr_user_exit sequence changes such that the correct value is
+	 * _not_ "2" and builds fail, then append that chunk above and get the
+	 * correct new value to use here.  :(
+	 */
+	.space	2, 0xcc
 	CODEPATCH_END(CPTAG_MELTDOWN_NOP)
 	swapgs
 

sys/arch/arm64/arm64/cpu.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: cpu.c,v 1.135 2025/01/25 12:29:35 kettenis Exp $	*/
+/*	$OpenBSD: cpu.c,v 1.137 2025/02/02 13:36:09 kettenis Exp $	*/
 
 /*
  * Copyright (c) 2016 Dale Rahn <drahn@dalerahn.com>
@@ -673,7 +673,10 @@ cpu_identify(struct cpu_info *ci)
 		printf("\n%s: mismatched ID_AA64MMFR0_EL1",
 		    ci->ci_dev->dv_xname);
 	}
-	if (READ_SPECIALREG(id_aa64mmfr1_el1) != cpu_id_aa64mmfr1) {
+	id = READ_SPECIALREG(id_aa64mmfr1_el1);
+	/* Allow SpecSEI to be different. */
+	id &= ~ID_AA64MMFR1_SPECSEI_MASK;
+	if (id != cpu_id_aa64mmfr1) {
 		printf("\n%s: mismatched ID_AA64MMFR1_EL1",
 		    ci->ci_dev->dv_xname);
 	}
@@ -1251,10 +1254,12 @@ cpu_identify_cleanup(void)
 	if (ID_AA64ISAR1_SB(cpu_id_aa64isar1) >= ID_AA64ISAR1_SB_IMPL)
 		hwcap |= HWCAP_SB;
 	if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC ||
-	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC)
+	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC ||
+	    ID_AA64ISAR2_APA3(cpu_id_aa64isar2) >= ID_AA64ISAR2_APA3_PAC)
 		hwcap |= HWCAP_PACA;
 	if (ID_AA64ISAR1_GPA(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPA_IMPL ||
-	    ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL)
+	    ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL ||
+	    ID_AA64ISAR2_GPA3(cpu_id_aa64isar2) >= ID_AA64ISAR2_GPA3_IMPL)
 		hwcap |= HWCAP_PACG;
 
 	/* HWCAP2 */
@@ -1430,6 +1435,14 @@ cpu_attach(struct device *parent, struct device *dev, void *aux)
 		cpu_id_aa64pfr0 = READ_SPECIALREG(id_aa64pfr0_el1);
 		cpu_id_aa64pfr1 = READ_SPECIALREG(id_aa64pfr1_el1);
 
+		/*
+		 * The SpecSEI "feature" isn't relevant for userland.
+		 * So it is fine if this field differs between CPU
+		 * cores.  Mask off this field to prevent exporting it
+		 * to userland.
+		 */
+		cpu_id_aa64mmfr1 &= ~ID_AA64MMFR1_SPECSEI_MASK;
+
 		/*
 		 * The CSV2/CSV3 "features" are handled on a
 		 * per-processor basis.  So it is fine if these fields
@@ -1524,7 +1537,8 @@ cpu_init(void)
 
 	/* Enable PAuth. */
 	if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC ||
-	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC) {
+	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC ||
+	    ID_AA64ISAR2_APA3(cpu_id_aa64isar2) >= ID_AA64ISAR2_APA3_PAC) {
 		sctlr = READ_SPECIALREG(sctlr_el1);
 		sctlr |= SCTLR_EnIA | SCTLR_EnDA;
 		sctlr |= SCTLR_EnIB | SCTLR_EnDB;

sys/arch/arm64/arm64/pmap.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: pmap.c,v 1.108 2025/01/31 20:49:25 kettenis Exp $ */
+/* $OpenBSD: pmap.c,v 1.110 2025/02/03 17:59:40 jca Exp $ */
 /*
  * Copyright (c) 2008-2009,2014-2016 Dale Rahn <drahn@dalerahn.com>
  *
@@ -729,10 +729,6 @@ pmap_remove_pted(pmap_t pm, struct pte_desc *pted)
 	pmap_pte_remove(pted, pm != pmap_kernel());
 	ttlb_flush(pm, pted->pted_va & ~PAGE_MASK);
 
-	if (pted->pted_va & PTED_VA_EXEC_M) {
-		pted->pted_va &= ~PTED_VA_EXEC_M;
-	}
-
 	if (PTED_MANAGED(pted))
 		pmap_remove_pv(pted);
 
@@ -821,9 +817,6 @@ pmap_kremove_pg(vaddr_t va)
 	pmap_pte_remove(pted, 0);
 	ttlb_flush(pm, pted->pted_va & ~PAGE_MASK);
 
-	if (pted->pted_va & PTED_VA_EXEC_M)
-		pted->pted_va &= ~PTED_VA_EXEC_M;
-
 	if (PTED_MANAGED(pted))
 		pmap_remove_pv(pted);
 
@@ -2335,7 +2328,8 @@ void
 pmap_setpauthkeys(struct pmap *pm)
 {
 	if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_PAC ||
-	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC) {
+	    ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_PAC ||
+	    ID_AA64ISAR2_APA3(cpu_id_aa64isar2) >= ID_AA64ISAR2_APA3_PAC) {
 		__asm volatile ("msr apiakeylo_el1, %0"
 		    :: "r"(pm->pm_apiakey[0]));
 		__asm volatile ("msr apiakeyhi_el1, %0"
@@ -2355,7 +2349,8 @@ pmap_setpauthkeys(struct pmap *pm)
 	}
 
 	if (ID_AA64ISAR1_GPA(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPA_IMPL ||
-	    ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL) {
+	    ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL ||
+	    ID_AA64ISAR2_GPA3(cpu_id_aa64isar2) >= ID_AA64ISAR2_GPA3_IMPL) {
 		__asm volatile ("msr apgakeylo_el1, %0"
 		    :: "r"(pm->pm_apgakey[0]));
 		__asm volatile ("msr apgakeyhi_el1, %0"

sys/arch/arm64/include/armreg.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: armreg.h,v 1.40 2025/01/25 12:29:35 kettenis Exp $ */
+/* $OpenBSD: armreg.h,v 1.41 2025/02/02 11:21:45 kettenis Exp $ */
 /*-
  * Copyright (c) 2013, 2014 Andrew Turner
  * Copyright (c) 2015 The FreeBSD Foundation
@@ -453,7 +453,7 @@
 #define	 ID_AA64ISAR1_LS64_ACCDATA	(0x3ULL << ID_AA64ISAR1_LS64_SHIFT)
 
 /* ID_AA64ISAR2_EL1 */
-#define	ID_AA64ISAR2_MASK		0x00ff0000f0ff00ffULL
+#define	ID_AA64ISAR2_MASK		0x00ff0000f0ffffffULL
 #define	ID_AA64ISAR2_WFXT_SHIFT		0
 #define	ID_AA64ISAR2_WFXT_MASK		(0xfULL << ID_AA64ISAR2_WFXT_SHIFT)
 #define	ID_AA64ISAR2_WFXT(x)		((x) & ID_AA64ISAR2_WFXT_MASK)

sys/arch/arm64/include/pmap.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: pmap.h,v 1.27 2025/01/31 20:49:25 kettenis Exp $ */
+/* $OpenBSD: pmap.h,v 1.28 2025/02/03 17:59:40 jca Exp $ */
 /*
  * Copyright (c) 2008,2009,2014 Dale Rahn <drahn@dalerahn.com>
  *
@@ -48,7 +48,6 @@
 
 #define PTED_VA_MANAGED_M	(PMAP_MD3)
 #define PTED_VA_WIRED_M		(PMAP_MD3 << 1)
-#define PTED_VA_EXEC_M		(PMAP_MD3 << 2)
 
 
 #if defined(_KERNEL) && !defined(_LOCORE)

sys/dev/acpi/acpireg.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: acpireg.h,v 1.61 2024/08/08 07:01:22 kettenis Exp $	*/
+/*	$OpenBSD: acpireg.h,v 1.62 2025/02/02 15:52:20 patrick Exp $	*/
 /*
  * Copyright (c) 2005 Thorsten Lockert <tholo@sigmasoft.com>
  * Copyright (c) 2005 Marco Peereboom <marco@openbsd.org>
@@ -800,6 +800,27 @@ struct acpi_iort_smmu_pmu_interrupt {
 	uint32_t	flags;
 } __packed;
 
+struct acpi_iort_smmu_v3_node {
+	uint64_t	base_address;
+	uint32_t	flags;
+#define ACPI_IORT_SMMU_V3_COHACC_OVERRIDE(x)	(((x) >> 0) & 0x1)
+#define ACPI_IORT_SMMU_V3_HTTU_OVERRIDE(x)	(((x) >> 1) & 0x3)
+#define ACPI_IORT_SMMU_V3_PROX_DOM_VALID	(1 << 3)
+#define ACPI_IORT_SMMU_V3_DEVID_MAP_VALID	(1 << 4)
+	uint32_t	reserved;
+	uint64_t	vatos_address;
+	uint32_t	model;
+#define ACPI_IORT_SMMU_V3_GENERIC		0
+#define ACPI_IORT_SMMU_V3_HISILICON_HI161X	1
+#define ACPI_IORT_SMMU_V3_CAVIUM_CN99X		2
+	uint32_t	event;
+	uint32_t	pri;
+	uint32_t	gerr;
+	uint32_t	sync;
+	uint32_t	proximity_domain;
+	uint32_t	deviceid_mapping_index;
+} __packed;
+
 struct acpi_iort_mapping {
 	uint32_t	input_base;
 	uint32_t	number_of_ids;

sys/dev/kcov.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kcov.c,v 1.50 2024/11/10 10:04:33 jsg Exp $	*/
+/*	$OpenBSD: kcov.c,v 1.51 2025/02/02 21:05:12 gnezdo Exp $	*/
 
 /*
  * Copyright (c) 2018 Anton Lindqvist <anton@openbsd.org>
@@ -34,7 +34,7 @@
 #include <uvm/uvm_extern.h>
 
 #define KCOV_BUF_MEMB_SIZE	sizeof(uintptr_t)
-#define KCOV_BUF_MAX_NMEMB	(256 << 10)
+#define KCOV_BUF_MAX_NMEMB	(512 << 10)
 
 #define KCOV_CMP_CONST		0x1
 #define KCOV_CMP_SIZE(x)	((x) << 1)

sys/dev/pci/if_aq_pci.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: if_aq_pci.c,v 1.29 2025/01/26 23:09:48 jmatthew Exp $ */
+/* $OpenBSD: if_aq_pci.c,v 1.30 2025/02/02 08:28:14 jmatthew Exp $ */
 /*	$NetBSD: if_aq.c,v 1.27 2021/06/16 00:21:18 riastradh Exp $	*/
 
 /*
@@ -365,6 +365,7 @@
 #define  TPB_TX_BUF_SCP_INS_EN			(1 << 2)
 #define  TPB_TX_BUF_CLK_GATE_EN			(1 << 5)
 #define  TPB_TX_BUF_TC_MODE_EN			(1 << 8)
+#define  TPB_TX_BUF_TC_Q_RAND_MAP_EN		(1 << 9)
 
 
 /* TPB_TXB_BUFSIZE_REG[AQ_TRAFFICCLASS_NUM] 0x7910-7990 */
@@ -467,7 +468,7 @@
 
 #define AQ2_RPF_REDIR2_REG			0x54c8
 #define  AQ2_RPF_REDIR2_INDEX			(1 << 12)
-#define  AQ2_RPF_REDIR2_HASHTYPE		0x00000100
+#define  AQ2_RPF_REDIR2_HASHTYPE		0x000001FF
 #define  AQ2_RPF_REDIR2_HASHTYPE_NONE		0
 #define  AQ2_RPF_REDIR2_HASHTYPE_IP		(1 << 0)
 #define  AQ2_RPF_REDIR2_HASHTYPE_TCP4		(1 << 1)
@@ -478,7 +479,16 @@
 #define  AQ2_RPF_REDIR2_HASHTYPE_IP6EX		(1 << 6)
 #define  AQ2_RPF_REDIR2_HASHTYPE_TCP6EX		(1 << 7)
 #define  AQ2_RPF_REDIR2_HASHTYPE_UDP6EX		(1 << 8)
-#define  AQ2_RPF_REDIR2_HASHTYPE_ALL		0x00000100
+#define  AQ2_RPF_REDIR2_HASHTYPE_ALL		0x000001FF
+
+#define AQ2_RX_Q_TC_MAP_REG(i)			(0x5900 + (i) * 4)
+#define AQ2_TX_Q_TC_MAP_REG(i)			(0x799c + (i) * 4)
+
+#define AQ2_RPF_RSS_REDIR_MAX			64
+#define AQ2_RPF_RSS_REDIR_REG(tc, i)		\
+	 (0x6200 + (0x100 * ((tc) >> 2)) + (i) * 4)
+#define AQ2_RPF_RSS_REDIR_TC_MASK(tc)		\
+	 (0x1f << (5 * ((tc) & 3)))
 
 #define AQ2_RPF_REC_TAB_ENABLE_REG		0x6ff0
 #define  AQ2_RPF_REC_TAB_ENABLE_MASK		0x0000ffff
@@ -1282,8 +1292,7 @@ aq_attach(struct device *parent, struct device *self, void *aux)
 
 	if (pci_intr_map_msix(pa, 0, &ih) == 0) {
 		int nmsix = pci_intr_msix_count(pa);
-		/* don't do rss on aq2 yet */
+		if (nmsix > 1) {
-		if (aqp->aq_hwtype == HWTYPE_AQ1 && nmsix > 1) {
 			nmsix--;
 			sc->sc_intrmap = intrmap_create(&sc->sc_dev,
 			    nmsix, AQ_MAXQ, INTRMAP_POWEROF2);
@@ -2803,6 +2812,26 @@ aq_hw_qos_set(struct aq_softc *sc)
 		AQ_WRITE_REG_BIT(sc, RPF_RPB_RX_TC_UPT_REG,
 		    RPF_RPB_RX_TC_UPT_MASK(i_priority), 0);
 	}
+
+	/* ring to TC mapping */
+	if (HWTYPE_AQ2_P(sc)) {
+		AQ_WRITE_REG_BIT(sc, TPB_TX_BUF_REG,
+		    TPB_TX_BUF_TC_Q_RAND_MAP_EN, 1);
+
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(0), 0x00000000);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(1), 0x00000000);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(2), 0x01010101);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(3), 0x01010101);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(4), 0x02020202);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(5), 0x02020202);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(6), 0x03030303);
+		AQ_WRITE_REG(sc, AQ2_TX_Q_TC_MAP_REG(7), 0x03030303);
+
+		AQ_WRITE_REG(sc, AQ2_RX_Q_TC_MAP_REG(0), 0x00000000);
+		AQ_WRITE_REG(sc, AQ2_RX_Q_TC_MAP_REG(1), 0x11111111);
+		AQ_WRITE_REG(sc, AQ2_RX_Q_TC_MAP_REG(2), 0x22222222);
+		AQ_WRITE_REG(sc, AQ2_RX_Q_TC_MAP_REG(3), 0x33333333);
+	}
 }
 
 int
@@ -2817,6 +2846,19 @@ aq_init_rss(struct aq_softc *sc)
 	if (sc->sc_nqueues == 1)
 		return 0;
 
+	if (HWTYPE_AQ2_P(sc)) {
+		AQ_WRITE_REG_BIT(sc, AQ2_RPF_REDIR2_REG, AQ2_RPF_REDIR2_INDEX, 0);
+		for (i = 0; i < AQ2_RPF_RSS_REDIR_MAX; i++) {
+			int tc;
+			int q;
+			for (tc = 0; tc < 4; tc++) {
+				q = (tc * 8) + (i % sc->sc_nqueues);
+				AQ_WRITE_REG_BIT(sc, AQ2_RPF_RSS_REDIR_REG(tc, i),
+				    AQ2_RPF_RSS_REDIR_TC_MASK(tc), q);
+			}
+		}
+	}
+
 	/* rss key is composed of 32 bit registers */
 	stoeplitz_to_key(rss_key, sizeof(rss_key));
 	for (i = 0; i < nitems(rss_key); i++) {

sys/dev/usb/xhcivar.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: xhcivar.h,v 1.16 2024/08/17 01:55:03 jsg Exp $ */
+/* $OpenBSD: xhcivar.h,v 1.17 2025/02/01 22:46:34 patrick Exp $ */
 
 /*
  * Copyright (c) 2014 Martin Pieuchot
@@ -133,8 +133,24 @@ int	xhci_intr(void *);
 int	xhci_detach(struct device *, int);
 int	xhci_activate(struct device *, int);
 
-#define	XREAD1(sc, a) bus_space_read_1((sc)->iot, (sc)->ioh, (a))
+static inline uint8_t
-#define	XREAD2(sc, a) bus_space_read_2((sc)->iot, (sc)->ioh, (a))
+xhci_read_1(bus_space_tag_t iot, bus_space_handle_t ioh, bus_size_t offset)
+{
+	uint32_t reg;
+	reg = bus_space_read_4(iot, ioh, offset & ~3);
+	return (reg >> ((offset & 3) * 8)) & 0xff;
+}
+
+static inline uint16_t
+xhci_read_2(bus_space_tag_t iot, bus_space_handle_t ioh, bus_size_t offset)
+{
+	uint32_t reg;
+	reg = bus_space_read_4(iot, ioh, offset & ~2);
+	return (reg >> ((offset & 2) * 8)) & 0xffff;
+}
+
+#define	XREAD1(sc, a) xhci_read_1((sc)->iot, (sc)->ioh, (a))
+#define	XREAD2(sc, a) xhci_read_2((sc)->iot, (sc)->ioh, (a))
 #define	XREAD4(sc, a) bus_space_read_4((sc)->iot, (sc)->ioh, (a))
 #define	XWRITE1(sc, a, x) bus_space_write_1((sc)->iot, (sc)->ioh, (a), (x))
 #define	XWRITE2(sc, a, x) bus_space_write_2((sc)->iot, (sc)->ioh, (a), (x))

sys/kern/uipc_socket.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uipc_socket.c,v 1.369 2025/01/31 13:49:18 mvs Exp $	*/
+/*	$OpenBSD: uipc_socket.c,v 1.370 2025/02/03 09:00:55 mvs Exp $	*/
 /*	$NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $	*/
 
 /*
@@ -2444,9 +2444,9 @@ filt_sowmodify(struct kevent *kev, struct knote *kn)
 	struct socket *so = kn->kn_fp->f_data;
 	int rv;
 
-	sofilt_lock(so, &so->so_snd);
+	mtx_enter(&so->so_snd.sb_mtx);
 	rv = knote_modify(kev, kn);
-	sofilt_unlock(so, &so->so_snd);
+	mtx_leave(&so->so_snd.sb_mtx);
 
 	return (rv);
 }
@@ -2457,9 +2457,9 @@ filt_sowprocess(struct knote *kn, struct kevent *kev)
 	struct socket *so = kn->kn_fp->f_data;
 	int rv;
 
-	sofilt_lock(so, &so->so_snd);
+	mtx_enter(&so->so_snd.sb_mtx);
 	rv = knote_process(kn, kev);
-	sofilt_unlock(so, &so->so_snd);
+	mtx_leave(&so->so_snd.sb_mtx);
 
 	return (rv);
 }

sys/lib/libz/infback.c

@@ -46,7 +46,7 @@ int ZEXPORT inflateBackInit_(z_streamp strm, int windowBits,
 #ifdef Z_SOLO
         return Z_STREAM_ERROR;
 #else
-    strm->zfree = zcfree;
+        strm->zfree = zcfree;
 #endif
     state = (struct inflate_state FAR *)ZALLOC(strm, 1,
                                                sizeof(struct inflate_state));

sys/net/if.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: if.c,v 1.725 2025/01/25 10:53:36 mvs Exp $	*/
+/*	$OpenBSD: if.c,v 1.726 2025/02/03 08:58:52 mvs Exp $	*/
 /*	$NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $	*/
 
 /*
@@ -975,7 +975,7 @@ if_output_local(struct ifnet *ifp, struct mbuf *m, sa_family_t af)
 
 	ifiq = ifp->if_iqs[flow % ifp->if_niqs];
 
-	return (ifiq_enqueue(ifiq, m) == 0 ? 0 : ENOBUFS);
+	return (ifiq_enqueue_qlim(ifiq, m, 8192) == 0 ? 0 : ENOBUFS);
 }
 
 void

sys/net/ifq.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ifq.c,v 1.55 2024/11/20 02:18:45 dlg Exp $ */
+/*	$OpenBSD: ifq.c,v 1.56 2025/02/03 08:58:52 mvs Exp $ */
 
 /*
  * Copyright (c) 2015 David Gwynne <dlg@openbsd.org>
@@ -796,9 +796,10 @@ ifiq_add_data(struct ifiqueue *ifiq, struct if_data *data)
 }
 
 int
-ifiq_enqueue(struct ifiqueue *ifiq, struct mbuf *m)
+ifiq_enqueue_qlim(struct ifiqueue *ifiq, struct mbuf *m, unsigned int qlim)
 {
 	struct ifnet *ifp = ifiq->ifiq_if;
+	unsigned int len;
 #if NBPFILTER > 0
 	caddr_t if_bpf = ifp->if_bpf;
 #endif
@@ -825,10 +826,22 @@ ifiq_enqueue(struct ifiqueue *ifiq, struct mbuf *m)
 	mtx_enter(&ifiq->ifiq_mtx);
 	ifiq->ifiq_packets++;
 	ifiq->ifiq_bytes += m->m_pkthdr.len;
-	ifiq->ifiq_enqueues++;
+
-	ml_enqueue(&ifiq->ifiq_ml, m);
+	if (qlim && ((len = ml_len(&ifiq->ifiq_ml) >= qlim))) {
+		ifiq->ifiq_qdrops++;
+	} else {
+		ifiq->ifiq_enqueues++;
+		ml_enqueue(&ifiq->ifiq_ml, m);
+		m = NULL;
+	}
+
 	mtx_leave(&ifiq->ifiq_mtx);
 
+	if (m) {
+		m_freem(m);
+		return (0);
+	}
+
 	task_add(ifiq->ifiq_softnet, &ifiq->ifiq_task);
 
 	return (0);

sys/net/ifq.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ifq.h,v 1.42 2024/11/20 02:18:45 dlg Exp $ */
+/*	$OpenBSD: ifq.h,v 1.43 2025/02/03 08:58:52 mvs Exp $ */
 
 /*
  * Copyright (c) 2015 David Gwynne <dlg@openbsd.org>
@@ -488,12 +488,19 @@ ifq_idx(struct ifqueue *ifq, unsigned int nifqs, const struct mbuf *m)
 void		 ifiq_init(struct ifiqueue *, struct ifnet *, unsigned int);
 void		 ifiq_destroy(struct ifiqueue *);
 int		 ifiq_input(struct ifiqueue *, struct mbuf_list *);
-int		 ifiq_enqueue(struct ifiqueue *, struct mbuf *);
+int		 ifiq_enqueue_qlim(struct ifiqueue *, struct mbuf *,
+		     unsigned int);
 void		 ifiq_add_data(struct ifiqueue *, struct if_data *);
 
 #define ifiq_len(_ifiq)		READ_ONCE(ml_len(&(_ifiq)->ifiq_ml))
 #define ifiq_empty(_ifiq)	(ifiq_len(_ifiq) == 0)
 
+static inline int
+ifiq_enqueue(struct ifiqueue *ifiq, struct mbuf *m)
+{
+	return ifiq_enqueue_qlim(ifiq, m, 0);
+}
+
 #endif /* _KERNEL */
 
 #endif /* _NET_IFQ_H_ */

sys/net/pf_norm.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_norm.c,v 1.233 2024/07/14 18:53:39 bluhm Exp $ */
+/*	$OpenBSD: pf_norm.c,v 1.234 2025/02/01 21:10:02 bluhm Exp $ */
 
 /*
  * Copyright 2001 Niels Provos <provos@citi.umich.edu>
@@ -667,34 +667,21 @@ pf_fillup_fragment(struct pf_frnode *key, u_int32_t id,
 
 		aftercut = frent->fe_off + frent->fe_len - after->fe_off;
 		if (aftercut < after->fe_len) {
-			int old_index, new_index;
-
 			DPFPRINTF(LOG_NOTICE, "frag tail overlap %d", aftercut);
 			m_adj(after->fe_m, aftercut);
-			old_index = pf_frent_index(after);
+			/* Fragment may switch queue as fe_off changes */
+			pf_frent_remove(frag, after);
 			after->fe_off += aftercut;
 			after->fe_len -= aftercut;
-			new_index = pf_frent_index(after);
+			/* Insert into correct queue */
-			if (old_index != new_index) {
+			if (pf_frent_insert(frag, after, prev)) {
-				DPFPRINTF(LOG_DEBUG, "frag index %d, new %d",
+				DPFPRINTF(LOG_WARNING,
-				    old_index, new_index);
+				    "fragment requeue limit exceeded");
-				/* Fragment switched queue as fe_off changed */
+				m_freem(after->fe_m);
-				after->fe_off -= aftercut;
+				pool_put(&pf_frent_pl, after);
-				after->fe_len += aftercut;
+				pf_status.fragments--;
-				/* Remove restored fragment from old queue */
+				/* There is not way to recover */
-				pf_frent_remove(frag, after);
+				goto free_fragment;
-				after->fe_off += aftercut;
-				after->fe_len -= aftercut;
-				/* Insert into correct queue */
-				if (pf_frent_insert(frag, after, prev)) {
-					DPFPRINTF(LOG_WARNING,
-					    "fragment requeue limit exceeded");
-					m_freem(after->fe_m);
-					pool_put(&pf_frent_pl, after);
-					pf_status.fragments--;
-					/* There is not way to recover */
-					goto free_fragment;
-				}
 			}
 			break;
 		}

sys/net/pipex.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pipex.c,v 1.157 2025/01/25 02:06:40 yasuoka Exp $ */
+/*	$OpenBSD: pipex.c,v 1.158 2025/02/03 09:44:30 yasuoka Exp $ */
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -1274,6 +1274,7 @@ pipex_pppoe_lookup_session(struct mbuf *m0)
 {
 	struct pipex_session *session;
 	struct pipex_pppoe_header pppoe;
+	struct ether_header eh;
 
 	/* short packet */
 	if (m0->m_pkthdr.len < (sizeof(struct ether_header) + sizeof(pppoe)))
@@ -1289,8 +1290,14 @@ pipex_pppoe_lookup_session(struct mbuf *m0)
 		PIPEX_DBG((NULL, LOG_DEBUG, "<%s> session not found (id=%d)",
 		    __func__, pppoe.session_id));
 #endif
-	if (session && session->proto.pppoe.over_ifidx !=
+	m_copydata(m0, 0, sizeof(struct ether_header), &eh);
-	    m0->m_pkthdr.ph_ifidx) {
+	if (session && (session->proto.pppoe.over_ifidx !=
+	    m0->m_pkthdr.ph_ifidx || memcmp(
+	    ((struct ether_header *)session->peer.sa.sa_data)->ether_dhost,
+	    eh.ether_shost, ETHER_ADDR_LEN) != 0)) {
+		PIPEX_DBG((NULL, LOG_DEBUG,
+		    "<%s> received packet from wrong host (id=%d)", __func__,
+		    pppoe.session_id));
 		pipex_rele_session(session);
 		session = NULL;
 	}
@@ -1518,7 +1525,8 @@ pipex_pptp_lookup_session(struct mbuf *m0)
 		PIPEX_DBG((NULL, LOG_DEBUG,
 		    "<%s> the source address of the session is not matched",
 		    __func__));
-		goto not_ours;
+		pipex_rele_session(session);
+		session = NULL;
 	}
 
 	return (session);
@@ -2036,7 +2044,8 @@ pipex_l2tp_lookup_session(struct mbuf *m0, int off, struct sockaddr *sasrc)
 		PIPEX_DBG((NULL, LOG_DEBUG,
 		    "<%s> the source address of the session is not matched",
 		    __func__));
-		goto not_ours;
+		pipex_rele_session(session);
+		session = NULL;
 	}
 
 	return (session);

usr.sbin/npppd/npppd/ppp.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ppp.c,v 1.32 2024/07/01 07:09:07 yasuoka Exp $ */
+/*	$OpenBSD: ppp.c,v 1.33 2025/02/03 08:26:51 yasuoka Exp $ */
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -25,7 +25,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
-/* $Id: ppp.c,v 1.32 2024/07/01 07:09:07 yasuoka Exp $ */
+/* $Id: ppp.c,v 1.33 2025/02/03 08:26:51 yasuoka Exp $ */
 /**@file
  * This file provides PPP(Point-to-Point Protocol, RFC 1661) and
  * {@link :: _npppd_ppp PPP instance} related functions.
@@ -192,11 +192,16 @@ ppp_set_tunnel_label(npppd_ppp *_this, char *buf, int lbuf)
 {
 	int flag, af;
 	char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
+	u_char *ea;
 
 	hbuf[0] = 0;
 	sbuf[0] = 0;
 	af = ((struct sockaddr *)&_this->phy_info)->sa_family;
-	if (af < AF_MAX) {
+	if (af == AF_LINK) {
+		ea = LLADDR((struct sockaddr_dl *)&_this->phy_info);
+		snprintf(buf, lbuf, "%02x:%02x:%02x:%02x:%02x:%02x", *ea,
+		    *(ea + 1), *(ea + 2), *(ea + 3), *(ea + 4), *(ea + 5));
+	} else if (af < AF_MAX) {
 		flag = NI_NUMERICHOST;
 		if (af == AF_INET || af == AF_INET6)
 			flag |= NI_NUMERICSERV;

usr.sbin/npppd/pppoe/pppoed.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pppoed.c,v 1.25 2021/03/29 03:54:40 yasuoka Exp $	*/
+/*	$OpenBSD: pppoed.c,v 1.26 2025/02/03 07:46:06 yasuoka Exp $	*/
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -28,7 +28,7 @@
 /**@file
  * This file provides the PPPoE(RFC2516) server(access concentrator)
  * implementation.
- * $Id: pppoed.c,v 1.25 2021/03/29 03:54:40 yasuoka Exp $
+ * $Id: pppoed.c,v 1.26 2025/02/03 07:46:06 yasuoka Exp $
  */
 #include <sys/param.h>	/* ALIGN */
 #include <sys/types.h>
@@ -671,8 +671,14 @@ pppoed_input(pppoed_listener *_this, uint8_t shost[ETHER_ADDR_LEN], int is_disc,
 	if (session_id != 0) {
 		hl = hash_lookup(_this->self->session_hash,
 		    (void *)(intptr_t)session_id);
-		if (hl != NULL)
+		if (hl != NULL) {
+			if (memcmp(((pppoe_session *)hl->item)->ether_addr,
+			    shost, ETHER_ADDR_LEN) != 0) {
+				reason = "received packet from wrong host.";
+				goto bad_packet;
+			}
 			session = (pppoe_session *)hl->item;
+		}
 	}
 	if (!is_disc) {
 		if (session != NULL)

usr.sbin/npppd/pptp/pptpd.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pptpd.c,v 1.34 2022/12/28 21:30:17 jmc Exp $	*/
+/*	$OpenBSD: pptpd.c,v 1.35 2025/02/03 07:46:06 yasuoka Exp $	*/
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -25,12 +25,12 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
-/* $Id: pptpd.c,v 1.34 2022/12/28 21:30:17 jmc Exp $ */
+/* $Id: pptpd.c,v 1.35 2025/02/03 07:46:06 yasuoka Exp $ */
 
 /**@file
  * This file provides a implementation of PPTP daemon.  Currently it
  * provides functions for PAC (PPTP Access Concentrator) only.
- * $Id: pptpd.c,v 1.34 2022/12/28 21:30:17 jmc Exp $
+ * $Id: pptpd.c,v 1.35 2025/02/03 07:46:06 yasuoka Exp $
  */
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -786,12 +786,22 @@ pptpd_gre_input(pptpd_listener *listener, struct sockaddr *peer, u_char *pkt,
 	/* route to pptp_call */
 	call_id = grehdr->call_id;
 
-	hl = hash_lookup(_this->call_id_map, CALL_ID_KEY(call_id, listener->index));
+	hl = hash_lookup(_this->call_id_map, CALL_ID_KEY(call_id,
+	    listener->index));
 	if (hl == NULL) {
 		reason = "Received GRE packet has unknown call_id";
 		goto bad_gre;
 	}
 	call = hl->item;
+
+	if (!(peer->sa_family == AF_INET &&
+	    call->ctrl->peer.ss_family == AF_INET &&
+	    ((struct sockaddr_in *)peer)->sin_addr.s_addr ==
+	    ((struct sockaddr_in *)&call->ctrl->peer)->sin_addr.s_addr)) {
+		reason = "Received GRE packet from invalid host";
+		goto bad_gre;
+	}
+
 	pptp_call_gre_input(call, seq, ack, input_flags, pkt, lpkt);
 
 	return;

usr.sbin/smtpd/smtpd-filters.7

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: smtpd-filters.7,v 1.13 2024/11/05 19:36:53 jmc Exp $
+.\"	$OpenBSD: smtpd-filters.7,v 1.14 2025/02/02 18:19:42 op Exp $
 .\"
 .\" Copyright (c) 2008 Janne Johansson <jj@openbsd.org>
 .\" Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net>
@@ -17,7 +17,7 @@
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
 .\"
-.Dd $Mdocdate: November 5 2024 $
+.Dd $Mdocdate: February 2 2025 $
 .Dt SMTPD-FILTERS 7
 .Os
 .Sh NAME
@@ -465,7 +465,7 @@ Fields are separated by the
 .Dq |
 character.
 .Bd -literal -offset indent
-filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25
+filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|199.185.178.25
 .Ed
 .Pp
 The format consists of a protocol prefix containing the stream,
@@ -484,7 +484,7 @@ filter request,
 also separated by
 .Dq | :
 .Bd -literal -offset indent
-mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25
+mail.openbsd.org|199.185.178.25
 .Ed
 .Pp
 Unlike with report events,
@@ -553,9 +553,16 @@ filter-dataline|7641df9771b4ed00|1ef1c203cc576e5d|.
 .Pp
 The list of events and event-specific parameters for smtp-in are as follows:
 .Bl -tag -width Ds
-.It Ic connect : Ar rdns fcrdns src dest
+.It Ic connect : Ar rdns src
 This request is emitted after connection,
 before the banner is displayed.
+.Pp
+.Ar src
+contains either the IP address of the source
+(a.b.c.d for IPv4 or [x:x:x:x:x:x:x:x] IPv6)
+or
+.Dq local
+(for UNIX sockets).
 .It Ic helo : Ar identity
 This request is emitted after the client has emitted
 .Dq HELO .

usr.sbin/sysupgrade/sysupgrade.sh

@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: sysupgrade.sh,v 1.57 2024/10/25 03:42:06 deraadt Exp $
+# $OpenBSD: sysupgrade.sh,v 1.58 2025/02/03 18:55:55 florian Exp $
 #
 # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback
 # Copyright (c) 2015 Robert Peichaer <rpe@openbsd.org>
@@ -220,7 +220,7 @@ Directory does not contain SHA256.sig. Continue without verification = yes
 __EOT
 
 if ! ${KEEP}; then
-	CLEAN=$(echo SHA256 ${SETS} | sed -e 's/ /,/g')
+	CLEAN=$(echo BUILDINFO SHA256 ${SETS} | sed -e 's/ /,/g')
 	cat <<__EOT > /etc/rc.firsttime
 rm -f ${SETSDIR}/{${CLEAN}}
 __EOT