openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 23:33:33 +02:00
Code Activity

Commit Graph

  • 5882f2fc91 handle missed beacons notification sent by newer iwx(4) firmware stsp 2026-03-11 09:33:45 +00:00
  • 69cdc7a4db ignore bt-coex notifications sent by iwx(4) BZ -98 firmware stsp 2026-03-11 09:29:44 +00:00
  • 790e9981c3 make the iwx(4) firmware image parser handle BZ firmware with API -92 stsp 2026-03-11 09:27:59 +00:00
  • 20a703e12b do not send smart fifo commands if iwx(4) firmware has them offloaded stsp 2026-03-11 09:23:47 +00:00
  • a9c8c77840 Check return values of fcntl(... O_CLOEXEC) calls by reusing the macro in monitor.c. Flagged by Coverity CID 901297 in ssh-sk-client.c, a few other instances added for good measure. begrudging ok deraadt@ dtucker 2026-03-11 09:10:59 +00:00
  • e57c83662f Fix potential 1-byte array overrun in the case where read() returns exactly 100 bytes. Flagged by Coverity CID 901296, ok djm@ dtucker 2026-03-11 09:04:17 +00:00
  • ad078ea79c Only enable MIMO on MLD iwx(4) devices if our AP supports MIMO. stsp 2026-03-11 09:01:51 +00:00
  • e63578fc1c Only add iwx(4) firmware PHY context once our channel is known. stsp 2026-03-11 08:58:11 +00:00
  • 4223b0707c move to 7.9-beta deraadt 2026-03-11 02:27:20 +00:00
  • 177cf78f1b RFC5321 specifies max-rcpt to be >= 100 as a MUST. martijn 2026-03-10 17:40:35 +00:00
  • a12ffaca14 Allow filters to prepend loglines with a priority tag. This way logmessages can be written under a reasonable priority, instead of putting everything under warning. Current behaviour of tagless messages will still be written out under warning. martijn 2026-03-10 17:35:05 +00:00
  • 89376f47cc Let smtpd write filter logging out to syslog under their own syslogtag. This makes the layout more consistent with smtpd internal, and gives a little more flexibility inside syslogd. martijn 2026-03-10 17:30:23 +00:00
  • 231232887a From now on, readlink(2) requires pledge "rpath" Discussed with david leadbeater and beck deraadt 2026-03-10 16:33:42 +00:00
  • f7c9e3b037 use O_CLOEXEC; ok guenther deraadt 2026-03-10 16:27:33 +00:00
  • 6dfd844d48 use O_CLOEXEC; ok guenther deraadt 2026-03-10 16:20:57 +00:00
  • d736c3b1ea make uvm_io.c build conditional to save space on ramdisks jsg 2026-03-10 08:17:08 +00:00
  • bcd423a398 Remove custom Rx A-MPDU reordering code from iwx(4). stsp 2026-03-10 08:00:57 +00:00
  • 38e04c86cd Prevent fatal firmware errors on iwx(4) Bz devices when forcing 11a/b/g mode. stsp 2026-03-10 07:58:53 +00:00
  • 8e7f447b9b whitespace djm 2026-03-10 07:27:14 +00:00
  • f3a2e738d6 libsndio: Move sio_sun_xrun() to sio.c and rename it to _sio_xrun() ratchov 2026-03-10 06:47:41 +00:00
  • 0fac09462d libsndio: Make sio_sun_xrun() backend-independent ratchov 2026-03-10 06:41:10 +00:00
  • eda317e2fc when unveils error our, use correct variable deraadt 2026-03-10 06:35:29 +00:00
  • 1ec94b9d85 document why there is a replacement db.c here deraadt 2026-03-10 06:34:50 +00:00
  • 4c33f35552 libsndio: Factor handling of pending clock ticks ratchov 2026-03-10 06:23:44 +00:00
  • c1cc2b6b41 Fix BIO_get_mem_data(3) return value documentation tb 2026-03-10 05:50:11 +00:00
  • ade1f4243b use the "e" flag with fopen() for O_CLOEXEC; ok tb deraadt 2026-03-10 05:28:31 +00:00
  • 239303363f use O_CLOEXEC; ok tb deraadt 2026-03-10 05:26:04 +00:00
  • 8759b09340 remove historical XXX comments no longer applicable deraadt 2026-03-10 05:01:35 +00:00
  • 7545cb8cf1 oops, deleted the wrong side of the #ifdef deraadt 2026-03-10 04:30:34 +00:00
  • 154e586d90 Remove pdp11 support (no joke) deraadt 2026-03-10 04:29:08 +00:00
  • 41934f3466 use O_CLOEXEC; ok guenther deraadt 2026-03-10 04:02:53 +00:00
  • d6641750ac When execve() failure is indicated on the pipe, replicate the same error conditions as the previous access() check did ok djm deraadt 2026-03-10 03:45:01 +00:00
  • fe2713695f unveil ssh-pkcs11-helper too; fixes breakage spotted by anton@ djm 2026-03-10 03:40:26 +00:00
  • 85a42d8397 I optimized a bit too far before commiting... deraadt 2026-03-10 02:55:34 +00:00
  • 124c32bc78 add comments for Strix/Krackan ids reused for Gorgon Point jsg 2026-03-10 02:04:21 +00:00
  • 8317b5d3df Use __pledge_open(2) for files that libc urgently needs even in lower promise levels. You must be running a kernel at least 4 days old. Soon, another commit will happen that breaks compatibility even further, and you'll need new static binaries and new libc.so, along with a new kernel. This removes an old pledge design decision which is weak. Long discussions with david leadbeater and beck deraadt 2026-03-10 00:06:39 +00:00
  • a976b8e255 update drm to linux 6.18.16 jsg 2026-03-09 23:57:53 +00:00
  • 079a32bcb7 Add a DMA constraint for the Rockchip RK3528 as well. kettenis 2026-03-09 21:12:25 +00:00
  • 9a1a408b06 realpath(3), meaning __realpath(2), should require pledge "rpath" deraadt 2026-03-09 19:18:20 +00:00
  • 159879dc01 Add support for version 2.2 of the Rockchip GPIO controller as found on the RK3576 SoC. kettenis 2026-03-09 19:12:29 +00:00
  • d092b8b551 Create stub for __pledge_open(2) system call. It is not being called yet. deraadt 2026-03-09 17:29:24 +00:00
  • 1631dbe444 Create stub for __pledge_open(2) system call. It is not being called yet. deraadt 2026-03-09 16:26:21 +00:00
  • 40e5e31f78 Add next/previous variables for windows in W: loop, from Conor Taylor in GitHub issue 4856. nicm 2026-03-09 15:46:01 +00:00
  • 897b1c2f83 tmux: move block assigning to prefix a bit down to avoid a small leak tb 2026-03-09 14:37:26 +00:00
  • 68a64c79f5 Fix server crash when control client session is destroyed, from Renaud Allard in GitHub issue 4916. nicm 2026-03-09 14:33:55 +00:00
  • 9e6dd88dea Check for NULL value in tilde expansion before dereferencing, from Renaud Allard in GitHub issue 4916. nicm 2026-03-09 14:31:41 +00:00
  • dec8f04ca9 We've never seen this panic where *_fast_ipi() fails because a cpu isn't responding. I don't think we can see the panic -- I think we are so low that panic code will misbehave and more likely we see a hang. It is easier to accept this impossible failure, decrement the counter, and carry on. deraadt 2026-03-09 13:24:13 +00:00
  • c1317b35bd Inside libc, getpwent.c does not use dbopen() and instead uses unexported db functions. The copy of the code outside libc, must use dbopen(). -DFORCE_DBOPEN was used with #ifdef, but now that the file is an edited copy that is no longer neccessary. deraadt 2026-03-09 12:56:12 +00:00
  • 87c4221f9b add support for PNVM data embedded in newer iwx(4) firmware files stsp 2026-03-09 12:40:40 +00:00
  • 0a90aae5a4 Add an additional "int fd" argument to the low-level db __{hash,rec,bt}_open() functions to provide for the caller allocating the fd itself. ok guenther deraadt 2026-03-09 12:22:44 +00:00
  • d17903c72b Add O_CLEXEC to open() ok guenther deraadt 2026-03-09 11:51:25 +00:00
  • bf3713f7df move atomic.h include a bit down to match what matthieu committed tb 2026-03-09 06:38:02 +00:00
  • a13048d8f4 If a fd came from libc doing the __pledge_open(2) system call, do not allow write(2), chmod(2), chflags(2), chown(2), ftruncate(2), or fdpassing. pledge_open(2) is an unexported interface that libc will use (soon) to open 2 devices (null and tty), about 9 files (based upon pledge promises), and files within the zoneinfo directory. This works because libc only reads from those fd. Currently those files are openable by non-libc code, but soon only static libc code will be able to do those opens. This does not transition libc to using the new system call, yet. Based upon long discussions with david leadbeater and beck. deraadt 2026-03-09 02:44:04 +00:00
  • 5439730d42 use ida_alloc_range() for ida_alloc_min() and ida_alloc_max() corrects ida_alloc_max() range end jsg 2026-03-09 00:58:17 +00:00
  • d39f83896a The range end argument of idr_alloc() is exclusionary. Don't try to insert into the idr tree with an id value matching the end. jsg 2026-03-08 23:53:57 +00:00
  • 50f53e8d3b unifdef unused idr random path jsg 2026-03-08 23:42:34 +00:00
  • 8c407aa859 remove unused ida_simple* which no longer exist in linux jsg 2026-03-08 23:31:50 +00:00
  • 2979bda6aa no need to include both sys/atomic.h and machine/atomic.h jsg 2026-03-08 23:00:43 +00:00
  • b6f83a4835 include sys/atomic.h for atomic_inc_int() jsg 2026-03-08 22:37:27 +00:00
  • cc4342ae27 Add missing sys/atomic.h tb 2026-03-08 21:34:27 +00:00
  • e98e0d4dd3 Add missing sys/atomic.h. ok miod@ matthieu 2026-03-08 20:44:27 +00:00
  • d8af3aa11e Fix pledge/unveil issues relating to manual opening of /etc/resolv.conf uncovered by david leadbeater and florian, and later on also by sthen deraadt 2026-03-08 18:45:00 +00:00
  • ee05ec4a57 calendar -a uses different pledge, add test for that. bluhm 2026-03-08 17:53:36 +00:00
  • 679cc97f72 use atomic_inc_int() on more fields in uvmexp deraadt 2026-03-08 17:07:31 +00:00
  • c5e6757782 mark a few more (MD incremented) fields in uvmexp as [a] atomic deraadt 2026-03-08 17:06:10 +00:00
  • 6f469bba5c typo deraadt 2026-03-08 17:01:00 +00:00
  • 78a67a43f7 sync deraadt 2026-03-08 16:41:35 +00:00
  • 5dbe1e3f45 Introduce __pledge_open(2) system call which is pretty much the same as open(2), except libc will use it to differentiate certain well-controlled pathnames which follow special rules in pledge and can be accessed even when "rpath" or unveil(2) don't allow so. The kernel gets the system call BEFORE libc starts using it; soon there will be more commits which will require at least this kernel. Long discusions with david leadbeater and and beck deraadt 2026-03-08 16:41:19 +00:00
  • 49a65bce02 exclude cache-* instead of cache-4 which is not at version 7 and can be changed anytime robert 2026-03-08 16:25:42 +00:00
  • 72682fca84 Move HTTP start-line logic to a dedicated function rsadowski 2026-03-08 11:06:30 +00:00
  • 4e7496da68 As a temporary hack, model the timezone change for America/Vancouver as occurring on 2026-11-01 02:00, not on 2026-03-09. This allows for a transition period where America/Vancouver still shows as PDT. millert 2026-03-08 00:08:52 +00:00
  • 4bea2e96e2 With it's own daemonization / fd cleaning code, ssh-agent opens /dev/null O_RDWR after a pledge without "wpath". This is allowed in current pledge because "/dev/null" is implicitly allowed to be opened even with the most restrictive pledges or unveils. This is a design decision in pledge made at the very beginning, to satisfy libc requirements. We've finally had enough experience and know how to fix that in the near-future, but need to review and fix all code which opens these implicit paths. The fix is to add "wpath", so that "/dev/null" can be opened O_RDWR. But that is uncomfortable, so we add unveil() allowing "/" with "r", 4 unveil "x" for the potential askpass and helpers to be execve'd, and "/dev/null" with "wr". As a result filesystem access is substantially more restricted than before, and ssh-agent is ready for the future pledge change. ok djm dtucker deraadt 2026-03-07 18:35:43 +00:00
  • e4596688f8 Stop doing access() before execve(). It is a TOCTOU, but also it forces use of unveil "rx" instead of "x". This is done by using a pipe() through the fork+execve attempt to expose execve failure and create the same error return as the access() used to do. ok djm dtucker deraadt 2026-03-07 18:27:52 +00:00
  • 6317b71d10 Use the (no YP, non-threaded) cleaned up copy of getpwent.c placed into usr.bin/chpass instead of reaching around into libc and using crazy cpp options. In the near future the libc version will have more substantial changes (intersecting with pledge and unveil) which are much more difficult to manage using cpp features, so we stop this reacharound into libc subtree. deraadt 2026-03-07 18:20:25 +00:00
  • 17722fb608 Remove #ifdef's relating to YP and threading, and directives for symbol visibility when compiled inside the libc environment. deraadt 2026-03-07 18:15:49 +00:00
  • 68e7e317f5 Verbatim copy of /usr/src/lib/libc/gen/getpwent.c to here, which will be cleaned up for local purposes in the next steps. deraadt 2026-03-07 18:14:48 +00:00
  • 92b2ebb7f7 zlib: add missing cast to reduce diff between userland and kernel tb 2026-03-07 09:50:29 +00:00
  • 5a655b91c7 zlib: avoid double assignment to strm->msg tb 2026-03-07 08:21:25 +00:00
  • a58570fb0e zlib: sync with userland tb 2026-03-07 07:28:22 +00:00
  • 827a90f764 zlib: fix heap info leak in deflateCopy (ZLB-01-005) tb 2026-03-07 07:27:51 +00:00
  • 0c10402423 Add support for more line speeds. kettenis 2026-03-06 22:33:33 +00:00
  • 2b422de66b ignore tar files while diffing destdirs for syspatch as we don't care about them robert 2026-03-06 13:16:59 +00:00
  • 4132a17464 Properly export the bitmap count and size. claudio 2026-03-06 13:10:14 +00:00
  • b5238f8b72 mlkem: use timingsafe_memcmp() in decapsulation kenjiro 2026-03-06 09:22:29 +00:00
  • 34280cf4e5 tmux: don't leak menu if the tty is too small to display it tb 2026-03-06 08:19:22 +00:00
  • 7e00b127f9 Do not use recallocarray because the stored size may have changed during reflow so may not match what it expects, fixes crash reported by Caspar Schutijser. nicm 2026-03-06 08:09:58 +00:00
  • 567b31020a add ${VERSION_SCRIPT} to CLEANFILES robert 2026-03-06 07:57:59 +00:00
  • 2c6bbeca6e Move OpenBSD CVS ID marker to top of file to avoid conflicts when syncing changes to portable. dtucker 2026-03-06 07:06:45 +00:00
  • bb6b446b7a Replace u_intXX_t types with the equivalent C99 uintXX_t types to match similar change to the main ssh code. dtucker 2026-03-06 06:57:33 +00:00
  • 31a04e71b1 zlib: sync with userland tb 2026-03-06 05:37:06 +00:00
  • 399c6b2303 zlib: zero out allocation to avoid info leak (part of ZLB-01-003) tb 2026-03-06 05:36:42 +00:00
  • 11836cf505 zlib: sync with userland tb 2026-03-06 05:32:46 +00:00
  • 99ebcb36d6 inflateCopy: fix a heap info leak (part of ZLB-01-003) tb 2026-03-06 05:31:58 +00:00
  • 407a83d3c7 Fix incorrect condition for creating client name, from Vlad Apostol in GitHub issue 4911. nicm 2026-03-05 22:50:14 +00:00
  • 4b0575c7ee Fix previous, I put the + stats->bitmap_size outside the fmt_mem() calculation. claudio 2026-03-05 21:30:56 +00:00
  • 656cf0b44e On 2026-03-09 British Columbia will go from daylight to standard time, without a UT offset change. That is, its 2026-03-08 spring forward will be its last foreseeable clock change, as it will move to permanent -07 thereafter. (Thanks to Arthur David Olson.) millert 2026-03-05 17:41:23 +00:00
  • acf9e8b42b Update to 2026agtz from https://github.com/JodaOrg/global-tz o Moldova has used EU transition times since 2022. o Remove Europe/Chisinau from zonenow.tab, as it now agrees with Europe/Athens for future timestamps. millert 2026-03-05 17:40:24 +00:00
  • 8314cba225 Add some stats for the use of bitmaps. claudio 2026-03-05 09:54:43 +00:00
  • 5bacb00859 Add some stats for the use of bitmaps. claudio 2026-03-05 09:54:06 +00:00
  • 0ffa2f249b Add pane_pipe_pid with pipe fd and call setpgid to make it easier to kill. nicm 2026-03-05 09:22:08 +00:00