sync with OpenBSD -current

lib/libcrypto/man/BUF_MEM_new.3

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: BUF_MEM_new.3,v 1.18 2023/07/27 06:20:45 tb Exp $
+.\"	$OpenBSD: BUF_MEM_new.3,v 1.19 2024/07/24 08:57:58 tb Exp $
 .\"	OpenSSL doc/crypto/buffer.pod 18edda0f Sep 20 03:28:54 2000 +0000
 .\"	not merged: 74924dcb, 58e3457a, 21b0fa91, 7644a9ae
 .\"	OpenSSL doc/crypto/BUF_MEM_new.pod 53934822 Jun 9 16:39:19 2016 -0400
@@ -52,7 +52,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 27 2023 $
+.Dd $Mdocdate: July 24 2024 $
 .Dt BUF_MEM_NEW 3
 .Os
 .Sh NAME
@@ -90,8 +90,7 @@ The library uses the
 .Vt BUF_MEM
 structure defined in buffer.h:
 .Bd -literal
-typedef struct buf_mem_st
+typedef struct buf_mem_st {
-{
 	size_t length;	/* current number of bytes */
 	char *data;
 	size_t max;	/* size of buffer */

lib/libradius/Makefile

@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.3 2016/03/30 06:38:43 jmc Exp $
+#	$OpenBSD: Makefile,v 1.4 2024/07/24 08:22:26 yasuoka Exp $
 
 LIB=    	radius
 SRCS=		radius.c radius_attr.c radius_msgauth.c radius_userpass.c \
@@ -9,7 +9,8 @@ CFLAGS+=	-Wall
 
 MAN=		radius_new_request_packet.3
 
-.include <bsd.lib.mk>
+VERSION_SCRIPT=	Symbols.map
+SYMBOL_LIST=	${.CURDIR}/Symbols.list
 
 includes:
 	@cd ${.CURDIR}; for i in $(INCS); do \
@@ -19,3 +20,10 @@ includes:
 		echo $$j; \
 		eval "$$j"; \
 	done
+
+${VERSION_SCRIPT}: ${SYMBOL_LIST}
+	{ printf '{\n\tglobal:\n'; \
+	  sed '/^[._a-zA-Z]/s/$$/;/; s/^/		/' ${SYMBOL_LIST}; \
+	  printf '\n\tlocal:\n\t\t*;\n};\n'; } >$@.tmp && mv $@.tmp $@
+
+.include <bsd.lib.mk>

lib/libradius/Symbols.list

@@ -0,0 +1,89 @@
+radius_check_accounting_request_authenticator
+radius_check_message_authenticator
+radius_check_response_authenticator
+radius_convert_packet
+radius_decrypt_mppe_key_attr
+radius_decrypt_user_password_attr
+radius_del_attr_all
+radius_del_vs_attr_all
+radius_delete_packet
+radius_encrypt_mppe_key_attr
+radius_encrypt_user_password_attr
+radius_get_authenticator
+radius_get_authenticator_retval
+radius_get_code
+radius_get_data
+radius_get_eap_msk
+radius_get_id
+radius_get_ipv4_attr
+radius_get_ipv6_attr
+radius_get_length
+radius_get_mppe_recv_key_attr
+radius_get_mppe_send_key_attr
+radius_get_raw_attr
+radius_get_raw_attr_cat
+radius_get_raw_attr_ptr
+radius_get_request_authenticator_retval
+radius_get_request_packet
+radius_get_string_attr
+radius_get_uint16_attr
+radius_get_uint32_attr
+radius_get_uint64_attr
+radius_get_user_password_attr
+radius_get_vs_ipv4_attr
+radius_get_vs_ipv6_attr
+radius_get_vs_raw_attr
+radius_get_vs_raw_attr_cat
+radius_get_vs_raw_attr_ptr
+radius_get_vs_string_attr
+radius_get_vs_uint16_attr
+radius_get_vs_uint32_attr
+radius_get_vs_uint64_attr
+radius_has_attr
+radius_has_vs_attr
+radius_new_request_packet
+radius_new_response_packet
+radius_put_ipv4_attr
+radius_put_ipv6_attr
+radius_put_message_authenticator
+radius_put_mppe_recv_key_attr
+radius_put_mppe_send_key_attr
+radius_put_raw_attr
+radius_put_raw_attr_cat
+radius_put_string_attr
+radius_put_uint16_attr
+radius_put_uint32_attr
+radius_put_uint64_attr
+radius_put_user_password_attr
+radius_put_vs_ipv4_attr
+radius_put_vs_ipv6_attr
+radius_put_vs_raw_attr
+radius_put_vs_raw_attr_cat
+radius_put_vs_string_attr
+radius_put_vs_uint16_attr
+radius_put_vs_uint32_attr
+radius_put_vs_uint64_attr
+radius_recv
+radius_recvfrom
+radius_recvmsg
+radius_send
+radius_sendmsg
+radius_sendto
+radius_set_accounting_request_authenticator
+radius_set_id
+radius_set_ipv4_attr
+radius_set_ipv6_attr
+radius_set_message_authenticator
+radius_set_raw_attr
+radius_set_request_packet
+radius_set_response_authenticator
+radius_set_uint16_attr
+radius_set_uint32_attr
+radius_set_uint64_attr
+radius_set_vs_ipv4_attr
+radius_set_vs_ipv6_attr
+radius_set_vs_raw_attr
+radius_set_vs_uint16_attr
+radius_set_vs_uint32_attr
+radius_set_vs_uint64_attr
+radius_update_id

lib/libradius/radius_attr.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: radius_attr.c,v 1.2 2023/07/08 08:53:26 yasuoka Exp $ */
+/*	$OpenBSD: radius_attr.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -199,6 +199,31 @@ radius_put_raw_attr(RADIUS_PACKET * packet, uint8_t type, const void *buf,
 	return (0);
 }
 
+int
+radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type, const void *buf,
+    size_t length)
+{
+	RADIUS_ATTRIBUTE	*newattr;
+
+	if (length > 255 - 2)
+		return (-1);
+
+	if (radius_ensure_add_capacity(packet, length + 2) != 0)
+		return (-1);
+
+	memmove(packet->pdata->attributes + length + 2,
+	    packet->pdata->attributes,
+	    radius_get_length(packet) - sizeof(RADIUS_PACKET_DATA));
+
+	newattr = ATTRS_BEGIN(packet->pdata);
+	newattr->type = type;
+	newattr->length = length + 2;
+	memcpy(newattr->data, buf, length);
+	packet->pdata->length = htons(radius_get_length(packet) + length + 2);
+
+	return (0);
+}
+
 int
 radius_put_vs_raw_attr(RADIUS_PACKET * packet, uint32_t vendor, uint8_t vtype,
     const void *buf, size_t length)

lib/libradius/radius_local.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: radius_local.h,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */
+/*	$OpenBSD: radius_local.h,v 1.2 2024/07/24 08:19:16 yasuoka Exp $ */
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -74,6 +74,8 @@ struct _RADIUS_PACKET {
 #define ATTRS_ADVANCE(x) (x = ATTRS_NEXT(x))
 
 int radius_ensure_add_capacity(RADIUS_PACKET * packet, size_t capacity);
+int radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type,
+    const void *buf, size_t length);
 
 #define ROUNDUP(a, b)	((((a) + (b) - 1) / (b)) * (b))
 #define	MINIMUM(a, b)	(((a) < (b))? (a) : (b))

lib/libradius/radius_msgauth.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: radius_msgauth.c,v 1.2 2021/12/16 17:32:51 tb Exp $ */
+/*	$OpenBSD: radius_msgauth.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
 
 /*-
  * Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -112,7 +112,7 @@ radius_put_message_authenticator(RADIUS_PACKET * packet, const char *secret)
 	 * because content of Message-Authenticator attribute is assumed zero
 	 * during calculation.
 	 */
-	if (radius_put_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
+	if (radius_unshift_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
 	    ma, sizeof(ma)) != 0)
 		return (-1);
 

lib/libradius/radius_new_request_packet.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: radius_new_request_packet.3,v 1.6 2022/09/11 06:38:11 jmc Exp $
+.\" $OpenBSD: radius_new_request_packet.3,v 1.7 2024/07/24 08:19:16 yasuoka Exp $
 .\"
 .\" Copyright (c) 2009 Internet Initiative Japan Inc.
 .\" All rights reserved.
@@ -24,7 +24,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 11 2022 $
+.Dd $Mdocdate: July 24 2024 $
 .Dt RADIUS_NEW_REQUEST_PACKET 3
 .Os
 .Sh NAME
@@ -285,6 +285,10 @@ There are helper functions for Message-Authenticator attributes.
 and
 .Fn radius_set_message_authenticator
 calculate a Message-Authenticator and put or set it to packet, respectively.
+When
+.Fn radius_put_message_authenticator
+is used,
+the Message-Authenticator attribute is placed at the first in the attributes.
 .Pp
 .Fn radius_check_message_authenticator
 checks a Message-Authenticator.
@@ -368,9 +372,9 @@ NULL on failure.
 .Sh HISTORY
 The
 .Nm radius+
-library was first written by UMEZAWA Takeshi in 2002 for the ID gateway service
+library was first written by UMEZAWA Takeshi in 2002 for the ID Gateway service
-of Internet Initiative Japan.
+of Internet Initiative Japan Inc.
-YASUOKA Masahiko added support for Message-Authentication attributes in 2008.
+YASUOKA Masahiko added support for Message-Authenticator attributes in 2008.
 .Ox
 project rewrote C++ code to pure C code in 2010.
 The

lib/libradius/shlib_version

@@ -1,2 +1,2 @@
-major=1
+major=2
 minor=0

lib/libsndio/sioctl_sun.c

@@ -472,9 +472,18 @@ sioctl_sun_pollfd(struct sioctl_hdl *addr, struct pollfd *pfd, int events)
 {
 	struct sioctl_sun_hdl *hdl = (struct sioctl_sun_hdl *)addr;
 
+	hdl->events = events;
+
+	/*
+	 * The audio(4) driver doesn't support POLLOUT, so if it is
+	 * requested, don't set the struct pollfd. The AUDIO_MIXER_WRITE
+	 * ioctl never blocks, so just return POLLOUT in sioctl_sun_revents().
+	 */
+	if (events & POLLOUT)
+		return 0;
+
 	pfd->fd = hdl->fd;
 	pfd->events = POLLIN;
-	hdl->events = events;
 	return 1;
 }
 
@@ -485,6 +494,9 @@ sioctl_sun_revents(struct sioctl_hdl *arg, struct pollfd *pfd)
 	struct volume *vol;
 	int idx, n;
 
+	if (hdl->events & POLLOUT)
+		return POLLOUT;
+
 	if (pfd->revents & POLLIN) {
 		while (1) {
 			n = read(hdl->fd, &idx, sizeof(int));
@@ -514,5 +526,5 @@ sioctl_sun_revents(struct sioctl_hdl *arg, struct pollfd *pfd)
 				return POLLHUP;
 		}
 	}
-	return hdl->events & POLLOUT;
+	return 0;
 }

lib/libssl/d1_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.64 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.65 2024/07/23 14:40:53 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -250,27 +250,6 @@ dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
 	return (ret);
 }
 
-/*
- * As it's impossible to use stream ciphers in "datagram" mode, this
- * simple filter is designed to disengage them in DTLS. Unfortunately
- * there is no universal way to identify stream SSL_CIPHER, so we have
- * to explicitly list their SSL_* codes. Currently RC4 is the only one
- * available, but if new ones emerge, they will have to be added...
- */
-const SSL_CIPHER *
-dtls1_get_cipher(unsigned int u)
-{
-	const SSL_CIPHER *cipher;
-
-	if ((cipher = ssl3_get_cipher(u)) == NULL)
-		return NULL;
-
-	if (cipher->algorithm_enc == SSL_RC4)
-		return NULL;
-
-	return cipher;
-}
-
 void
 dtls1_start_timer(SSL *s)
 {

lib/libssl/s3_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.256 2024/07/22 14:47:15 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.257 2024/07/23 14:40:53 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1127,12 +1127,12 @@ ssl3_num_ciphers(void)
 }
 
 const SSL_CIPHER *
-ssl3_get_cipher(unsigned int u)
+ssl3_get_cipher_by_index(int idx)
 {
-	if (u < SSL3_NUM_CIPHERS)
+	if (idx < 0 || idx >= SSL3_NUM_CIPHERS)
-		return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
+		return NULL;
-	else
+
-		return (NULL);
+	return &ssl3_ciphers[idx];
 }
 
 static int

lib/libssl/ssl_ciph.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.146 2024/07/22 14:47:15 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.147 2024/07/23 14:40:53 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -576,22 +576,6 @@ ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
 	*head = curr;
 }
 
-/* XXX beck: remove this in a followon to removing GOST */
-static void
-ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
-    unsigned long *enc, unsigned long *mac, unsigned long *ssl)
-{
-	*mkey = 0;
-	*auth = 0;
-	*enc = 0;
-	*mac = 0;
-	*ssl = 0;
-
-#ifdef SSL_FORBID_ENULL
-	*enc |= SSL_eNULL;
-#endif
-}
-
 static void
 ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
     unsigned long disabled_mkey, unsigned long disabled_auth,
@@ -608,10 +592,15 @@ ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
 	 * a linked list with at most num entries.
 	 */
 
-	/* Get the initial list of ciphers */
+	/*
+	 * Get the initial list of ciphers, iterating backwards over the
+	 * cipher list - the list is ordered by cipher value and we currently
+	 * hope that ciphers with higher cipher values are preferable...
+	 */
 	co_list_num = 0;	/* actual count of ciphers */
-	for (i = 0; i < num_of_ciphers; i++) {
+	for (i = num_of_ciphers - 1; i >= 0; i--) {
-		c = ssl_method->get_cipher(i);
+		c = ssl3_get_cipher_by_index(i);
+
 		/*
 		 * Drop any invalid ciphers and any which use unavailable
 		 * algorithms.
@@ -1153,11 +1142,19 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 	if (rule_str == NULL || cipher_list == NULL)
 		goto err;
 
-	/*
+	disabled_mkey = 0;
-	 * To reduce the work to do we only want to process the compiled
+	disabled_auth = 0;
-	 * in algorithms, so we first get the mask of disabled ciphers.
+	disabled_enc = 0;
-	 */
+	disabled_mac = 0;
-	ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
+	disabled_ssl = 0;
+
+#ifdef SSL_FORBID_ENULL
+	disabled_enc |= SSL_eNULL;
+#endif
+
+	/* DTLS cannot be used with stream ciphers. */
+	if (ssl_method->dtls)
+		disabled_enc |= SSL_RC4;
 
 	/*
 	 * Now we have to collect the available ciphers from the compiled

lib/libssl/ssl_local.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.22 2024/07/22 14:47:15 jsing Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.23 2024/07/23 14:40:54 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -379,8 +379,6 @@ struct ssl_method_st {
 	    int peek);
 	int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
 
-	const SSL_CIPHER *(*get_cipher)(unsigned int ncipher);
-
 	unsigned int enc_flags;		/* SSL_ENC_FLAG_* */
 };
 
@@ -1290,7 +1288,7 @@ int ssl3_send_alert(SSL *s, int level, int desc);
 int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
 int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
 int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher_by_index(int idx);
 const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
 int ssl3_renegotiate(SSL *ssl);
 

lib/libssl/ssl_methods.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.31 2023/07/08 16:40:13 beck Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.32 2024/07/23 14:40:54 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -77,7 +77,6 @@ static const SSL_METHOD DTLS_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -98,7 +97,6 @@ static const SSL_METHOD DTLS_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -119,7 +117,6 @@ static const SSL_METHOD DTLSv1_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_1_ENC_FLAGS,
 };
 
@@ -140,7 +137,6 @@ static const SSL_METHOD DTLSv1_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_1_ENC_FLAGS,
 };
 
@@ -161,7 +157,6 @@ static const SSL_METHOD DTLSv1_2_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -182,7 +177,6 @@ static const SSL_METHOD DTLSv1_2_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = dtls1_read_bytes,
 	.ssl_write_bytes = dtls1_write_app_data_bytes,
-	.get_cipher = dtls1_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -266,7 +260,6 @@ static const SSL_METHOD TLS_method_data = {
 	.ssl_pending = tls13_legacy_pending,
 	.ssl_read_bytes = tls13_legacy_read_bytes,
 	.ssl_write_bytes = tls13_legacy_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_3_ENC_FLAGS,
 };
 
@@ -287,7 +280,6 @@ static const SSL_METHOD TLS_legacy_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -308,7 +300,6 @@ static const SSL_METHOD TLS_client_method_data = {
 	.ssl_pending = tls13_legacy_pending,
 	.ssl_read_bytes = tls13_legacy_read_bytes,
 	.ssl_write_bytes = tls13_legacy_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_3_ENC_FLAGS,
 };
 
@@ -329,7 +320,6 @@ static const SSL_METHOD TLSv1_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_ENC_FLAGS,
 };
 
@@ -350,7 +340,6 @@ static const SSL_METHOD TLSv1_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_ENC_FLAGS,
 };
 
@@ -371,7 +360,6 @@ static const SSL_METHOD TLSv1_1_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_1_ENC_FLAGS,
 };
 
@@ -392,7 +380,6 @@ static const SSL_METHOD TLSv1_1_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_1_ENC_FLAGS,
 };
 
@@ -413,7 +400,6 @@ static const SSL_METHOD TLSv1_2_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 
@@ -434,7 +420,6 @@ static const SSL_METHOD TLSv1_2_client_method_data = {
 	.ssl_pending = ssl3_pending,
 	.ssl_read_bytes = ssl3_read_bytes,
 	.ssl_write_bytes = ssl3_write_bytes,
-	.get_cipher = ssl3_get_cipher,
 	.enc_flags = TLSV1_2_ENC_FLAGS,
 };
 

regress/lib/libssl/ciphers/cipherstest.c

@@ -1,4 +1,3 @@
-/*	$OpenBSD: cipherstest.c,v 1.15 2024/07/17 15:22:56 tb Exp $ */
 /*
  * Copyright (c) 2015, 2020 Joel Sing <jsing@openbsd.org>
  *
@@ -24,7 +23,7 @@
 #include <string.h>
 
 int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher_by_index(int idx);
 
 int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
 
@@ -48,12 +47,8 @@ check_cipher_order(void)
 
 	num_ciphers = ssl3_num_ciphers();
 
-	for (i = 1; i <= num_ciphers; i++) {
+	for (i = 0; i < num_ciphers; i++) {
-		/*
+		if ((cipher = ssl3_get_cipher_by_index(i)) == NULL) {
-		 * For some reason, ssl3_get_cipher() returns ciphers in
-		 * reverse order.
-		 */
-		if ((cipher = ssl3_get_cipher(num_ciphers - i)) == NULL) {
 			fprintf(stderr, "FAIL: ssl3_get_cipher(%d) returned "
 			    "NULL\n", i);
 			return 1;

sys/dev/pv/virtio.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: virtio.c,v 1.25 2024/05/24 10:05:55 jsg Exp $	*/
+/*	$OpenBSD: virtio.c,v 1.26 2024/07/23 19:14:05 sf Exp $	*/
 /*	$NetBSD: virtio.c,v 1.3 2011/11/02 23:05:52 njoly Exp $	*/
 
 /*
@@ -807,7 +807,7 @@ virtio_dequeue(struct virtio_softc *sc, struct virtqueue *vq,
  *                 if you forget to call this the slot will be leaked.
  *
  *                 Don't call this if you use statically allocated slots
- *                 and virtio_dequeue_trim().
+ *                 and virtio_enqueue_trim().
  */
 int
 virtio_dequeue_commit(struct virtqueue *vq, int slot)

sys/dev/usb/uaudio.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uaudio.c,v 1.174 2023/12/10 06:32:14 ratchov Exp $	*/
+/*	$OpenBSD: uaudio.c,v 1.175 2024/07/23 08:59:21 ratchov Exp $	*/
 /*
  * Copyright (c) 2018 Alexandre Ratchov <alex@caoua.org>
  *
@@ -2702,6 +2702,22 @@ uaudio_fixup_params(struct uaudio_softc *sc)
 	}
 }
 
+int
+uaudio_iface_index(struct uaudio_softc *sc, int ifnum)
+{
+	int i, nifaces;
+
+	nifaces = sc->udev->cdesc->bNumInterfaces;
+
+	for (i = 0; i < nifaces; i++) {
+		if (sc->udev->ifaces[i].idesc->bInterfaceNumber == ifnum)
+			return i;
+	}
+
+	printf("%s: %d: invalid interface number\n", __func__, ifnum);
+	return -1;
+}
+
 /*
  * Parse all descriptors and build configuration of the device.
  */
@@ -2711,6 +2727,7 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
 	struct uaudio_blob dp;
 	struct uaudio_alt *a;
 	unsigned int type, ifnum, altnum, nep, class, subclass;
+	int i;
 
 	while (p->rptr != p->wptr) {
 		if (!uaudio_getdesc(p, &dp))
@@ -2736,7 +2753,8 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
 
 		switch (subclass) {
 		case UISUBCLASS_AUDIOCONTROL:
-			if (usbd_iface_claimed(sc->udev, ifnum)) {
+			i = uaudio_iface_index(sc, ifnum);
+			if (i != -1 && usbd_iface_claimed(sc->udev, i)) {
 				DPRINTF("%s: %d: AC already claimed\n", __func__, ifnum);
 				break;
 			}
@@ -2748,7 +2766,8 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
 				return 0;
 			break;
 		case UISUBCLASS_AUDIOSTREAM:
-			if (usbd_iface_claimed(sc->udev, ifnum)) {
+			i = uaudio_iface_index(sc, ifnum);
+			if (i != -1 && usbd_iface_claimed(sc->udev, i)) {
 				DPRINTF("%s: %d: AS already claimed\n", __func__, ifnum);
 				break;
 			}
@@ -2768,10 +2787,19 @@ done:
 	 * Claim all interfaces we use. This prevents other uaudio(4)
 	 * devices from trying to use them.
 	 */
-	for (a = sc->alts; a != NULL; a = a->next)
+	for (a = sc->alts; a != NULL; a = a->next) {
-		usbd_claim_iface(sc->udev, a->ifnum);
+		i = uaudio_iface_index(sc, a->ifnum);
+		if (i != -1) {
+			DPRINTF("%s: claim: %d at %d\n", __func__, a->ifnum, i);
+			usbd_claim_iface(sc->udev, i);
+		}
+	}
 
-	usbd_claim_iface(sc->udev, sc->ctl_ifnum);
+	i = uaudio_iface_index(sc, sc->ctl_ifnum);
+	if (i != -1) {
+		DPRINTF("%s: claim: ac %d at %d\n", __func__, sc->ctl_ifnum, i);
+		usbd_claim_iface(sc->udev, i);
+	}
 
 	return 1;
 }

sys/kern/kern_exit.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_exit.c,v 1.225 2024/07/22 08:18:53 claudio Exp $	*/
+/*	$OpenBSD: kern_exit.c,v 1.227 2024/07/24 15:30:17 claudio Exp $	*/
 /*	$NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $	*/
 
 /*
@@ -458,8 +458,6 @@ reaper(void *arg)
 
 		WITNESS_THREAD_EXIT(p);
 
-		KERNEL_LOCK();
-
 		/*
 		 * Free the VM resources we're still holding on to.
 		 * We must do this from a valid thread because doing
@@ -470,13 +468,16 @@ reaper(void *arg)
 
 		if (p->p_flag & P_THREAD) {
 			/* Just a thread */
+			KERNEL_LOCK();
 			proc_free(p);
+			KERNEL_UNLOCK();
 		} else {
 			struct process *pr = p->p_p;
 
 			/* Release the rest of the process's vmspace */
 			uvm_exit(pr);
 
+			KERNEL_LOCK();
 			if ((pr->ps_flags & PS_NOZOMBIE) == 0) {
 				/* Process is now a true zombie. */
 				atomic_setbits_int(&pr->ps_flags, PS_ZOMBIE);
@@ -493,11 +494,10 @@ reaper(void *arg)
 				/* No one will wait for us, just zap it. */
 				process_zap(pr);
 			}
-		}
-
 			KERNEL_UNLOCK();
 		}
 	}
+}
 
 int
 dowait6(struct proc *q, idtype_t idtype, id_t id, int *statusp, int options,
@@ -550,10 +550,9 @@ loop:
 			return (0);
 		}
 		if ((options & WTRAPPED) &&
-		    pr->ps_flags & PS_TRACED &&
+		    (pr->ps_flags & PS_TRACED) &&
 		    (pr->ps_flags & PS_WAITED) == 0 && pr->ps_single &&
-		    pr->ps_single->p_stat == SSTOP &&
+		    pr->ps_single->p_stat == SSTOP) {
-		    (pr->ps_single->p_flag & P_SUSPSINGLE) == 0) {
 			if (single_thread_wait(pr, 0))
 				goto loop;
 
@@ -578,8 +577,8 @@ loop:
 		if (p->p_stat == SSTOP &&
 		    (pr->ps_flags & PS_WAITED) == 0 &&
 		    (p->p_flag & P_SUSPSINGLE) == 0 &&
-		    (pr->ps_flags & PS_TRACED ||
+		    ((pr->ps_flags & PS_TRACED) ||
-		    options & WUNTRACED)) {
+		    (options & WUNTRACED))) {
 			if ((options & WNOWAIT) == 0)
 				atomic_setbits_int(&pr->ps_flags, PS_WAITED);
 

sys/kern/kern_sig.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_sig.c,v 1.333 2024/07/22 09:43:47 claudio Exp $	*/
+/*	$OpenBSD: kern_sig.c,v 1.334 2024/07/24 15:31:08 claudio Exp $	*/
 /*	$NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $	*/
 
 /*
@@ -2164,6 +2164,7 @@ single_thread_set(struct proc *p, int flags)
 		panic("single_thread_mode = %d", mode);
 #endif
 	}
+	KASSERT((p->p_flag & P_SUSPSINGLE) == 0);
 	pr->ps_single = p;
 	pr->ps_singlecnt = pr->ps_threadcnt;
 
@@ -2233,6 +2234,7 @@ single_thread_wait(struct process *pr, int recheck)
 		if (!recheck)
 			break;
 	}
+	KASSERT((pr->ps_single->p_flag & P_SUSPSINGLE) == 0);
 	mtx_leave(&pr->ps_mtx);
 
 	return wait;

sys/kern/kern_synch.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_synch.c,v 1.205 2024/06/03 12:48:25 claudio Exp $	*/
+/*	$OpenBSD: kern_synch.c,v 1.206 2024/07/23 08:38:02 claudio Exp $	*/
 /*	$NetBSD: kern_synch.c,v 1.37 1996/04/22 01:38:37 christos Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
 #include <sys/ktrace.h>
 #endif
 
-int	sleep_signal_check(void);
+int	sleep_signal_check(struct proc *);
 int	thrsleep(struct proc *, struct sys___thrsleep_args *);
 int	thrsleep_unlock(void *);
 
@@ -385,7 +385,7 @@ sleep_finish(int timo, int do_sleep)
 		 * we must be ready for sleep when sleep_signal_check() is
 		 * called.
 		 */
-		if ((error = sleep_signal_check()) != 0) {
+		if ((error = sleep_signal_check(p)) != 0) {
 			catch = 0;
 			do_sleep = 0;
 		}
@@ -438,7 +438,7 @@ sleep_finish(int timo, int do_sleep)
 
 	/* Check if thread was woken up because of a unwind or signal */
 	if (catch != 0)
-		error = sleep_signal_check();
+		error = sleep_signal_check(p);
 
 	/* Signal errors are higher priority than timeouts. */
 	if (error == 0 && error1 != 0)
@@ -451,9 +451,8 @@ sleep_finish(int timo, int do_sleep)
  * Check and handle signals and suspensions around a sleep cycle.
  */
 int
-sleep_signal_check(void)
+sleep_signal_check(struct proc *p)
 {
-	struct proc *p = curproc;
 	struct sigctx ctx;
 	int err, sig;
 

sys/kern/subr_log.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: subr_log.c,v 1.78 2023/09/22 20:03:05 mvs Exp $	*/
+/*	$OpenBSD: subr_log.c,v 1.79 2024/07/24 13:37:05 claudio Exp $	*/
 /*	$NetBSD: subr_log.c,v 1.11 1996/03/30 22:24:44 christos Exp $	*/
 
 /*
@@ -73,10 +73,11 @@
 /*
  * Locking:
  *	L	log_mtx
+ *	Q	log_kq_mtx
  */
 struct logsoftc {
 	int	sc_state;		/* [L] see above for possibilities */
-	struct	klist sc_klist;		/* process waiting on kevent call */
+	struct	klist sc_klist;		/* [Q] process waiting on kevent call */
 	struct	sigio_ref sc_sigio;	/* async I/O registration */
 	int	sc_need_wakeup;		/* if set, wake up waiters */
 	struct timeout sc_tick;		/* wakeup poll timeout */
@@ -97,6 +98,8 @@ struct	rwlock syslogf_rwlock = RWLOCK_INITIALIZER("syslogf");
  */
 struct	mutex log_mtx =
     MUTEX_INITIALIZER_FLAGS(IPL_HIGH, "logmtx", MTX_NOWITNESS);
+struct	mutex log_kq_mtx =
+    MUTEX_INITIALIZER_FLAGS(IPL_HIGH, "logkqmtx", MTX_NOWITNESS);
 
 void filt_logrdetach(struct knote *kn);
 int filt_logread(struct knote *kn, long hint);
@@ -208,7 +211,7 @@ logopen(dev_t dev, int flags, int mode, struct proc *p)
 	if (log_open)
 		return (EBUSY);
 	log_open = 1;
-	klist_init_mutex(&logsoftc.sc_klist, &log_mtx);
+	klist_init_mutex(&logsoftc.sc_klist, &log_kq_mtx);
 	sigio_init(&logsoftc.sc_sigio);
 	timeout_set(&logsoftc.sc_tick, logtick, NULL);
 	timeout_add_msec(&logsoftc.sc_tick, LOG_TICK);
@@ -336,7 +339,9 @@ filt_logread(struct knote *kn, long hint)
 {
 	struct msgbuf *mbp = kn->kn_hook;
 
+	mtx_enter(&log_mtx);
 	kn->kn_data = msgbuf_getlen(mbp);
+	mtx_leave(&log_mtx);
 	return (kn->kn_data != 0);
 }
 
@@ -345,9 +350,9 @@ filt_logmodify(struct kevent *kev, struct knote *kn)
 {
 	int active;
 
-	mtx_enter(&log_mtx);
+	mtx_enter(&log_kq_mtx);
 	active = knote_modify(kev, kn);
-	mtx_leave(&log_mtx);
+	mtx_leave(&log_kq_mtx);
 
 	return (active);
 }
@@ -357,9 +362,9 @@ filt_logprocess(struct knote *kn, struct kevent *kev)
 {
 	int active;
 
-	mtx_enter(&log_mtx);
+	mtx_enter(&log_kq_mtx);
 	active = knote_process(kn, kev);
-	mtx_leave(&log_mtx);
+	mtx_leave(&log_kq_mtx);
 
 	return (active);
 }
@@ -404,9 +409,10 @@ logtick(void *arg)
 	state = logsoftc.sc_state;
 	if (logsoftc.sc_state & LOG_RDWAIT)
 		logsoftc.sc_state &= ~LOG_RDWAIT;
-	knote_locked(&logsoftc.sc_klist, 0);
 	mtx_leave(&log_mtx);
 
+	knote(&logsoftc.sc_klist, 0);
+
 	if (state & LOG_ASYNC)
 		pgsigio(&logsoftc.sc_sigio, SIGIO, 0);
 	if (state & LOG_RDWAIT)

sys/net/pfkeyv2_parsemessage.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfkeyv2_parsemessage.c,v 1.62 2023/09/29 18:45:42 tobhe Exp $	*/
+/*	$OpenBSD: pfkeyv2_parsemessage.c,v 1.63 2024/07/23 20:04:51 tobhe Exp $	*/
 
 /*
  *	@(#)COPYRIGHT	1.1 (NRL) 17 January 1995
@@ -144,9 +144,9 @@ uint64_t sadb_exts_allowed_in[SADB_MAX+1] =
 	/* GETSPI */
 	BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_SPIRANGE,
 	/* UPDATE */
-	BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_ADDRESS_PROXY | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_IFACE,
+	BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_ADDRESS_PROXY | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_COUNTER | BITMAP_X_REPLAY | BITMAP_X_IFACE,
 	/* ADD */
-	BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_IFACE,
+	BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_COUNTER | BITMAP_X_REPLAY | BITMAP_X_IFACE,
 	/* DELETE */
 	BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_X_RDOMAIN,
 	/* GET */
@@ -851,6 +851,19 @@ pfkeyv2_parsemessage(void *p, int len, void **headers)
 				return (EINVAL);
 			}
 			break;
+		case SADB_X_EXT_REPLAY:
+			if (i != sizeof(struct sadb_x_replay)) {
+				DPRINTF("bad REPLAY header length");
+				return (EINVAL);
+			}
+			break;
+		case SADB_X_EXT_COUNTER:
+			if (i != sizeof(struct sadb_x_counter)) {
+				DPRINTF("bad COUNTER header length");
+				return (EINVAL);
+			}
+			break;
+
 #if NPF > 0
 		case SADB_X_EXT_TAG:
 			if (i < sizeof(struct sadb_x_tag)) {

sys/uvm/uvm_device.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uvm_device.c,v 1.66 2021/12/15 12:53:53 mpi Exp $	*/
+/*	$OpenBSD: uvm_device.c,v 1.67 2024/07/24 12:15:55 mpi Exp $	*/
 /*	$NetBSD: uvm_device.c,v 1.30 2000/11/25 06:27:59 chs Exp $	*/
 
 /*
@@ -245,8 +245,6 @@ udv_detach(struct uvm_object *uobj)
 {
 	struct uvm_device *udv = (struct uvm_device *)uobj;
 
-	KERNEL_ASSERT_LOCKED();
-
 	/*
 	 * loop until done
 	 */

sys/uvm/uvm_extern.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uvm_extern.h,v 1.174 2024/04/02 08:39:17 deraadt Exp $	*/
+/*	$OpenBSD: uvm_extern.h,v 1.175 2024/07/24 12:17:31 mpi Exp $	*/
 /*	$NetBSD: uvm_extern.h,v 1.57 2001/03/09 01:02:12 chs Exp $	*/
 
 /*
@@ -195,11 +195,12 @@ struct pmap;
  *  Locks used to protect struct members in this file:
  *	K	kernel lock
  *	I	immutable after creation
+ *	a	atomic operations
  *	v	vm_map's lock
  */
 struct vmspace {
 	struct	vm_map vm_map;	/* VM address map */
-	int	vm_refcnt;	/* [K] number of references */
+	int	vm_refcnt;	/* [a] number of references */
 	caddr_t	vm_shm;		/* SYS5 shared memory private data XXX */
 /* we copy from vm_startcopy to the end of the structure on fork */
 #define vm_startcopy vm_rssize

sys/uvm/uvm_map.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uvm_map.c,v 1.329 2024/06/02 15:31:57 deraadt Exp $	*/
+/*	$OpenBSD: uvm_map.c,v 1.330 2024/07/24 12:17:31 mpi Exp $	*/
 /*	$NetBSD: uvm_map.c,v 1.86 2000/11/27 08:40:03 chs Exp $	*/
 
 /*
@@ -1346,7 +1346,6 @@ void
 uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
 {
 	struct vm_map_entry *entry, *tmp;
-	int waitok = flags & UVM_PLA_WAITOK;
 
 	TAILQ_FOREACH_SAFE(entry, deadq, dfree.deadq, tmp) {
 		/* Drop reference to amap, if we've got one. */
@@ -1356,21 +1355,6 @@ uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
 			    atop(entry->end - entry->start),
 			    flags & AMAP_REFALL);
 
-		/* Skip entries for which we have to grab the kernel lock. */
-		if (UVM_ET_ISSUBMAP(entry) || UVM_ET_ISOBJ(entry))
-			continue;
-
-		TAILQ_REMOVE(deadq, entry, dfree.deadq);
-		uvm_mapent_free(entry);
-	}
-
-	if (TAILQ_EMPTY(deadq))
-		return;
-
-	KERNEL_LOCK();
-	while ((entry = TAILQ_FIRST(deadq)) != NULL) {
-		if (waitok)
-			uvm_pause();
 		/* Drop reference to our backing object, if we've got one. */
 		if (UVM_ET_ISSUBMAP(entry)) {
 			/* ... unlikely to happen, but play it safe */
@@ -1381,11 +1365,9 @@ uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
 			    entry->object.uvm_obj);
 		}
 
-		/* Step to next. */
 		TAILQ_REMOVE(deadq, entry, dfree.deadq);
 		uvm_mapent_free(entry);
 	}
-	KERNEL_UNLOCK();
 }
 
 void
@@ -2476,10 +2458,6 @@ uvm_map_teardown(struct vm_map *map)
 #endif
 	int			 i;
 
-	KERNEL_ASSERT_LOCKED();
-	KERNEL_UNLOCK();
-	KERNEL_ASSERT_UNLOCKED();
-
 	KASSERT((map->flags & VM_MAP_INTRSAFE) == 0);
 
 	vm_map_lock(map);
@@ -2535,9 +2513,7 @@ uvm_map_teardown(struct vm_map *map)
 		numq++;
 	KASSERT(numt == numq);
 #endif
-	uvm_unmap_detach(&dead_entries, UVM_PLA_WAITOK);
+	uvm_unmap_detach(&dead_entries, 0);
-
-	KERNEL_LOCK();
 
 	pmap_destroy(map->pmap);
 	map->pmap = NULL;
@@ -3417,10 +3393,8 @@ uvmspace_exec(struct proc *p, vaddr_t start, vaddr_t end)
 void
 uvmspace_addref(struct vmspace *vm)
 {
-	KERNEL_ASSERT_LOCKED();
 	KASSERT(vm->vm_refcnt > 0);
-
+	atomic_inc_int(&vm->vm_refcnt);
-	vm->vm_refcnt++;
 }
 
 /*
@@ -3429,9 +3403,7 @@ uvmspace_addref(struct vmspace *vm)
 void
 uvmspace_free(struct vmspace *vm)
 {
-	KERNEL_ASSERT_LOCKED();
+	if (atomic_dec_int_nv(&vm->vm_refcnt) == 0) {
-
-	if (--vm->vm_refcnt == 0) {
 		/*
 		 * lock the map, to wait out all other references to it.  delete
 		 * all of the mappings and pages they hold, then call the pmap
@@ -3439,8 +3411,11 @@ uvmspace_free(struct vmspace *vm)
 		 */
 #ifdef SYSVSHM
 		/* Get rid of any SYSV shared memory segments. */
-		if (vm->vm_shm != NULL)
+		if (vm->vm_shm != NULL) {
+			KERNEL_LOCK();
 			shmexit(vm);
+			KERNEL_UNLOCK();
+		}
 #endif
 
 		uvm_map_teardown(&vm->vm_map);

sys/uvm/uvm_pager.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uvm_pager.c,v 1.91 2023/08/11 17:53:22 mpi Exp $	*/
+/*	$OpenBSD: uvm_pager.c,v 1.92 2024/07/24 12:18:10 mpi Exp $	*/
 /*	$NetBSD: uvm_pager.c,v 1.36 2000/11/27 18:26:41 chs Exp $	*/
 
 /*
@@ -134,24 +134,6 @@ uvm_pseg_get(int flags)
 	int i;
 	struct uvm_pseg *pseg;
 
-	/*
-	 * XXX Prevent lock ordering issue in uvm_unmap_detach().  A real
-	 * fix would be to move the KERNEL_LOCK() out of uvm_unmap_detach().
-	 *
-	 *  witness_checkorder() at witness_checkorder+0xba0
-	 *  __mp_lock() at __mp_lock+0x5f
-	 *  uvm_unmap_detach() at uvm_unmap_detach+0xc5
-	 *  uvm_map() at uvm_map+0x857
-	 *  uvm_km_valloc_try() at uvm_km_valloc_try+0x65
-	 *  uvm_pseg_get() at uvm_pseg_get+0x6f
-	 *  uvm_pagermapin() at uvm_pagermapin+0x45
-	 *  uvn_io() at uvn_io+0xcf
-	 *  uvn_get() at uvn_get+0x156
-	 *  uvm_fault_lower() at uvm_fault_lower+0x28a
-	 *  uvm_fault() at uvm_fault+0x1b3
-	 *  upageflttrap() at upageflttrap+0x62
-	 */
-	KERNEL_LOCK();
 	mtx_enter(&uvm_pseg_lck);
 
 pager_seg_restart:
@@ -178,7 +160,6 @@ pager_seg_restart:
 			if (!UVM_PSEG_INUSE(pseg, i)) {
 				pseg->use |= 1 << i;
 				mtx_leave(&uvm_pseg_lck);
-				KERNEL_UNLOCK();
 				return pseg->start + i * MAXBSIZE;
 			}
 		}
@@ -191,7 +172,6 @@ pager_seg_fail:
 	}
 
 	mtx_leave(&uvm_pseg_lck);
-	KERNEL_UNLOCK();
 	return 0;
 }
 

sys/uvm/uvm_vnode.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: uvm_vnode.c,v 1.132 2023/04/10 04:21:20 jsg Exp $	*/
+/*	$OpenBSD: uvm_vnode.c,v 1.133 2024/07/24 12:16:21 mpi Exp $	*/
 /*	$NetBSD: uvm_vnode.c,v 1.36 2000/11/24 20:34:01 chs Exp $	*/
 
 /*
@@ -306,10 +306,12 @@ uvn_detach(struct uvm_object *uobj)
 	struct vnode *vp;
 	int oldflags;
 
+	KERNEL_LOCK();
 	rw_enter(uobj->vmobjlock, RW_WRITE);
 	uobj->uo_refs--;			/* drop ref! */
 	if (uobj->uo_refs) {			/* still more refs */
 		rw_exit(uobj->vmobjlock);
+		KERNEL_UNLOCK();
 		return;
 	}
 
@@ -365,6 +367,7 @@ uvn_detach(struct uvm_object *uobj)
 
 	if ((uvn->u_flags & UVM_VNODE_RELKILL) == 0) {
 		rw_exit(uobj->vmobjlock);
+		KERNEL_UNLOCK();
 		return;
 	}
 
@@ -387,8 +390,7 @@ out:
 
 	/* drop our reference to the vnode. */
 	vrele(vp);
-
+	KERNEL_UNLOCK();
-	return;
 }
 
 /*

usr.bin/sndiod/file.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: file.c,v 1.26 2022/12/26 19:16:03 jmc Exp $	*/
+/*	$OpenBSD: file.c,v 1.27 2024/07/23 06:34:03 ratchov Exp $	*/
 /*
  * Copyright (c) 2008-2012 Alexandre Ratchov <alex@caoua.org>
  *
@@ -63,7 +63,7 @@
 void timo_update(unsigned int);
 void timo_init(void);
 void timo_done(void);
-void file_process(struct file *, struct pollfd *);
+int file_process(struct file *, struct pollfd *);
 
 struct timespec file_ts;
 struct file *file_list;
@@ -270,10 +270,10 @@ file_del(struct file *f)
 #endif
 }
 
-void
+int
 file_process(struct file *f, struct pollfd *pfd)
 {
-	int revents;
+	int rc, revents;
 #ifdef DEBUG
 	struct timespec ts0, ts1;
 	long us;
@@ -283,14 +283,21 @@ file_process(struct file *f, struct pollfd *pfd)
 	if (log_level >= 3)
 		clock_gettime(CLOCK_UPTIME, &ts0);
 #endif
+	rc = 0;
 	revents = (f->state != FILE_ZOMB) ?
 	    f->ops->revents(f->arg, pfd) : 0;
-	if ((revents & POLLHUP) && (f->state != FILE_ZOMB))
+	if ((revents & POLLHUP) && (f->state != FILE_ZOMB)) {
 		f->ops->hup(f->arg);
-	if ((revents & POLLIN) && (f->state != FILE_ZOMB))
+		rc = 1;
+	}
+	if ((revents & POLLIN) && (f->state != FILE_ZOMB)) {
 		f->ops->in(f->arg);
-	if ((revents & POLLOUT) && (f->state != FILE_ZOMB))
+		rc = 1;
+	}
+	if ((revents & POLLOUT) && (f->state != FILE_ZOMB)) {
 		f->ops->out(f->arg);
+		rc = 1;
+	}
 #ifdef DEBUG
 	if (log_level >= 3) {
 		clock_gettime(CLOCK_UPTIME, &ts1);
@@ -304,6 +311,7 @@ file_process(struct file *f, struct pollfd *pfd)
 		}
 	}
 #endif
+	return rc;
 }
 
 int
@@ -370,11 +378,19 @@ file_poll(void)
 	/*
 	 * process files that do not rely on poll
 	 */
+	res = 0;
 	for (f = file_list; f != NULL; f = f->next) {
 		if (f->nfds > 0)
 			continue;
-		file_process(f, NULL);
+		res |= file_process(f, NULL);
 	}
+	/*
+	 * The processing may have changed the poll(2) conditions of
+	 * other files, so restart the loop to force their poll(2) event
+	 * masks to be reevaluated.
+	 */
+	if (res)
+		return 1;
 
 	/*
 	 * Sleep. Calculate the number of milliseconds poll(2) must

usr.sbin/radiusctl/parser.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: parser.c,v 1.3 2024/07/09 17:26:14 yasuoka Exp $	*/
+/*	$OpenBSD: parser.c,v 1.4 2024/07/24 08:27:20 yasuoka Exp $	*/
 
 /*
  * Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
@@ -44,6 +44,7 @@ enum token_type {
 	MAXWAIT,
 	FLAGS,
 	SESSION_SEQ,
+	MSGAUTH,
 	ENDTOKEN
 };
 
@@ -58,6 +59,7 @@ static struct parse_result res = {
 	.tries		= TEST_TRIES_DEFAULT,
 	.interval	= { TEST_INTERVAL_DEFAULT, 0 },
 	.maxwait	= { TEST_MAXWAIT_DEFAULT, 0 },
+	.msgauth	= 1
 };
 
 static const struct token t_test[];
@@ -71,6 +73,7 @@ static const struct token t_nas_port[];
 static const struct token t_tries[];
 static const struct token t_interval[];
 static const struct token t_maxwait[];
+static const struct token t_yesno[];
 static const struct token t_ipcp[];
 static const struct token t_ipcp_flags[];
 static const struct token t_ipcp_session_seq[];
@@ -105,6 +108,7 @@ static const struct token t_test_opts[] = {
 	{ KEYWORD,	"interval",	NONE,		t_interval },
 	{ KEYWORD,	"tries",	NONE,		t_tries },
 	{ KEYWORD,	"maxwait",	NONE,		t_maxwait },
+	{ KEYWORD,	"msgauth",	NONE,		t_yesno },
 	{ ENDTOKEN,	"",		NONE,		NULL }
 };
 
@@ -143,6 +147,12 @@ static const struct token t_maxwait[] = {
 	{ ENDTOKEN,	"",		NONE,		NULL }
 };
 
+static const struct token t_yesno[] = {
+	{ MSGAUTH,	"yes",		1,		t_test_opts },
+	{ MSGAUTH,	"no",		0,		t_test_opts },
+	{ ENDTOKEN,	"",		NONE,		NULL }
+};
+
 static const struct token t_ipcp[] = {
 	{ KEYWORD,	"show",		IPCP_SHOW,	NULL },
 	{ KEYWORD,	"dump",		IPCP_DUMP,	t_ipcp_flags },
@@ -365,6 +375,14 @@ match_token(char *word, const struct token table[])
 				printf("invalid argument: %s is %s for "
 				"\"session-id\"", word, errstr);
 			t = &table[i];
+		case MSGAUTH:
+			if (word != NULL &&
+			    strcmp(word, table[i].keyword) == 0) {
+				match++;
+				res.msgauth = table[i].value;
+				t = &table[i];
+			}
+			break;
 		case ENDTOKEN:
 			break;
 		}
@@ -436,6 +454,9 @@ show_valid_args(const struct token table[])
 		case SESSION_SEQ:
 			fprintf(stderr, "  <sequence number>\n");
 			break;
+		case MSGAUTH:
+			fprintf(stderr, "  %s\n", table[i].keyword);
+			break;
 		case ENDTOKEN:
 			break;
 		}

usr.sbin/radiusctl/parser.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: parser.h,v 1.3 2024/07/09 17:26:14 yasuoka Exp $	*/
+/*	$OpenBSD: parser.h,v 1.4 2024/07/24 08:27:20 yasuoka Exp $	*/
 
 /* This file is derived from OpenBSD:src/usr.sbin/ikectl/parser.h 1.9 */
 /*
@@ -60,6 +60,7 @@ struct parse_result {
 	const char		*password;
 	u_short			 port;
 	int			 nas_port;
+	int			 msgauth;
 	enum auth_method	 auth_method;
 
 	/* number of packets to try sending */

usr.sbin/radiusctl/radiusctl.8

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: radiusctl.8,v 1.8 2024/07/14 03:47:44 jsg Exp $
+.\"	$OpenBSD: radiusctl.8,v 1.9 2024/07/24 08:27:20 yasuoka Exp $
 .\"
 .\" Copyright (c) YASUOKA Masahiko <yasuoka@yasuoka.net>
 .\"
@@ -15,7 +15,7 @@
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
 .\"
-.Dd $Mdocdate: July 14 2024 $
+.Dd $Mdocdate: July 24 2024 $
 .Dt RADIUSCTL 8
 .Os
 .Sh NAME
@@ -86,6 +86,9 @@ the default port number 1812 is used.
 .It Cm tries Ar number
 Specifies the number of packets to try sending.
 The default is 3.
+.It Cm msgauth Ar yes | no
+Specifies if Message-Authenticator is given for the access request packet.
+The default is yes.
 .El
 .It Cm ipcp show
 Show all ipcp sessions in the database of

usr.sbin/radiusctl/radiusctl.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: radiusctl.c,v 1.11 2024/07/22 09:39:23 yasuoka Exp $	*/
+/*	$OpenBSD: radiusctl.c,v 1.12 2024/07/24 08:27:20 yasuoka Exp $	*/
 /*
  * Copyright (c) 2015 YASUOKA Masahiko <yasuoka@yasuoka.net>
  *
@@ -368,6 +368,7 @@ radius_test(struct parse_result *res)
 	u32val = htonl(res->nas_port);
 	radius_put_raw_attr(reqpkt, RADIUS_TYPE_NAS_PORT, &u32val, 4);
 
+	if (res->msgauth)
 		radius_put_message_authenticator(reqpkt, res->secret);
 
 	event_init();
@@ -500,6 +501,10 @@ radius_dump(FILE *out, RADIUS_PACKET *pkt, bool resp, const char *secret)
 		    : (radius_check_message_authenticator(pkt, secret) == 0)
 		    ? "Verified" : "NG");
 	}
+	if (!resp)
+		fprintf(out, "    Message-Authenticator     = %s\n",
+		    (radius_has_attr(pkt, RADIUS_TYPE_MESSAGE_AUTHENTICATOR))
+		    ? "(Present)" : "(Not present)");
 
 	if (radius_get_string_attr(pkt, RADIUS_TYPE_USER_NAME, buf,
 	    sizeof(buf)) == 0)