OpenBSD/src 7DWPN9xsys/dev/pci auich.c

   do pci_intr_disestablish() and bus_space_unmap() calls if auich_alloc_cdata() fails; ok 
+17-181 files

OpenBSD/src iMW13GYsys/arch/i386/isa clock.c

   unused variable, after previous commit
+1-21 files

OpenBSD/src uQf3Qkxdistrib/sets/lists/comp mi

+1-01 files

OpenBSD/src mrlWTsRlib/libc/sys sysctl.2, sys/arch/amd64/isa clock.c

   sysctl(2): add kern.utc_offset: successor to the DST/TIMEZONE options(4)

   The DST and TIMEZONE options(4) are incompatible with KARL, so we need
   some other way to compensate for an RTC running with a known offset.

   Enter kern.utc_offset, an offset in minutes East of UTC.  TIMEZONE has
   always been minutes West, but this is inconsistent with how everyone
   else talks about timezones, hence the flip.

   TIMEZONE has the advantage of being compiled into the binary.  Our new
   sysctl(2) has no such luck, so it needs to be set as early as possible
   in boot, from sysctl.conf(5), so we can correct the kernel clock from
   the RTC's local time to UTC before daemons like ntpd(8) and cron(8)
   start.  To encourage this, kern.utc_offset is made immutable after the
   securelevel(7) is raised to 1.

   Prompted by yasuoka@.  Discussed with deraadt@, kettenis@, yasuoka@.
   Additional testing by yasuoka@.

   ok deraadt@, yasuoka@

OpenBSD/src te98gxQusr.sbin/pkg_add package.5

   Remove cdrom mention

   ok espie@
+3-41 files

OpenBSD/src 5P2XKfcdistrib/miniroot install.sub

   Lower syspugrade timeout to 30 minutes

   The previous mechanism used a single timeout for the entire upgrade which
   was kept when introducing the per-set watchdog.

   Half an hour now seems more sensible to safely catch the biggest sets on
   slow hardware, so avoid needlessly stalling (failed) upgrades for too long.

   OK sthen deraadt
+2-21 files

OpenBSD/src S4kFIUssys/arch/mips64/include pmap.h, sys/arch/mips64/mips64 pmap.c context.S

   Fix a race in invalidation of remote TLB entries.

   If a CPU updates a pmap concurrently with the activation of that pmap
   on another CPU, invalidation of TLB entries might be incomplete.
   It is also possible that a CPU altogether stops updating its TLB.

   Prevent the race by synchronizing pmap activations and logic that
   determines where to send TLB invalidation IPIs.

   To avoid mutex wait without ability to process IPIs, the context switch
   code is adjusted to call pmap_activate() with interrupts enabled.
   In practice, interrupts up to IPL_SCHED are still disabled on context

OpenBSD/src v0oU5lVlib/libc/sys sysctl.2, sbin/ifconfig ifconfig.8

       Remove support for semantically opace interface identifiers (RFC 7217)
       for IPv6 link local addresses.

       Some hosting and VM providers route customer IPv6 prefixes to link
       local addresses derived from ethernet MAC addresses (RFC 2464). This
       leads to hard to debug IPv6 connectivity problems and is probably not
       worth the effort.

       RFC 7721 lists 4 weaknesses:

       3.1. Correlation of Activities over Time & 3.2. Location Tracking
       These are still possible with RFC 7217 addresses for an adversary
       connected to the same layer 2 network (think conference wifi). Since
       the link local prefix stays the same (fe80::/64) the link local
       addresses do not change between different networks.
       An adversary on the same layer 2 network can probably track ethernet
       MAC addresses via different means, too.

       3.3. Address Scanning & 3.4. Device-Specific Vulnerability Exploitation
       These now become possible, however, as noted above a layer 2 adversary
       was probably able to do this via different means.

       People concerned with these weaknesses are advised to use
       ifconfig lladdr random.
   OK benno
   input & OK kn

OpenBSD/src CZJs1QKsbin/disklabel disklabel.8 editor.c

   Bump /usr on big auto-allocation table; ok krw@ sthen@ phessler@
+5-52 files

OpenBSD/src HxFUReksys/dev/pci vga_pci_common.c, sys/dev/pci/drm/amd/amdgpu amdgpu_devlist.h

   Add simple amdgpu pci id devlist for the ramdisk to determine if
   aperture is needed.  Skip SI/CIK ids as we don't build amdgpu with
   SI/CIK support (radeondrm covers these) and skip VEGA20 ids we
   don't match on as they are flagged AMD_EXP_HW_SUPPORT.

OpenBSD/src RXEOvtisys/dev/pci mfii.c mpii.c

   Trailing whitespace.
+7-72 files

OpenBSD/src 3UsY3Mfsys/arch/amd64/stand/efi32 efipxe.c, sys/arch/amd64/stand/efi64 efipxe.c

   Network-based device paths use Messaging and not Media types.  Thus
   in reality the depth was always -1 which made the compare function
   a No-Op.  Properly check the device path depth value and look for
   the Messaging type instead to find the correct NIC.  This check
   never worked before and was uncovered by the last change.

   Regression noticed by bluhm@

OpenBSD/src xfrCciYsys/dev/ic qla.c, sys/dev/pci qle.c

   Use the defines DETACH_FORCE and DETACH_QUIET when constructing a value
   that will end up in config_detach() flags via scsi_detach_target().

   ok jmatthew@ dlg@
+10-62 files

OpenBSD/src hsM8cuzsys/arch/arm64/conf GENERIC

   Enable ipmi(4).

   ok deraadt@
+3-11 files

OpenBSD/src 9pAHKGCusr.sbin/rpki-client rpki-client.8

   Adjust manpage. Document -t tal and the new output argument. Also remove
   some of the comments for sections that will never ever be used here.
+25-181 files

OpenBSD/src 4TBKKuKusr.sbin/rpki-client main.c output-bgpd.c

   Change the arguments to rpki-client a bit. Instead of listing all TAL files
   as arguments rpki-client will now load the TAL installed in /etc/rpki by
   default. For debug reasons an option -t tal is added to pass in TAL files
   by hand. The argument is now instead the filename of the output file.
   Now `rpki-client roa.conf` will do what you need which is a lot nicer.
   Agreed by deraadt@ job@ to be a step in the right direction.

OpenBSD/src Npr3UGFsys/scsi scsiconf.c scsiconf.h

   scsi_probe_bus() always returns 0. Nobody but scsi_probe() even
   pretended to care. So just make in a void, and explicitly return 0 in
   the appropriate case in scsi_probe().
+8-82 files

OpenBSD/src nf5ugTclib/libcrypto/man X509_cmp.3 X509_digest.3

   New manual page X509_cmp(3) documenting the same public functions
   as in OpenSSL 1.1.1.  I rewrote most of the text for clarity, precision,
   and conciseness and added some additional information.  A few sentences
   from Paul Yang remain.

OpenBSD/src ejTsVM5lib/libcrypto/asn1 asn1t.h

   Add static_ASN1_* macro

   - Add static_ASN1_* macro. Patch was provided by steils AT
+72-11 files

OpenBSD/src uFRhWTZusr.bin/less less.1 more.1

   - more no longer accepts random less commands
   - history trim
   - sundry

   diff from evan silberman;
   tweaked/ok by schwarze and deraadt
+29-332 files

OpenBSD/src Moadad3usr.sbin/pkg_add/OpenBSD

   fix error reporting, specifically having two repos on the same site may
   lead to one repo closing handles from the other to avoid DoS, as exemplified
   by stable-packages.

   okay sthen@

OpenBSD/src YKD9TJRregress/usr.sbin/pkg_add Makefile

   shrink using new mechanisms
+115-2101 files

OpenBSD/src yvhBGfdregress/usr.sbin/pkg_add populate mkplist

   two simple scripts to shrink package generation

OpenBSD/src oJi8gJzregress/usr.sbin/pkg_add inject-order

   use wrapper module instead of rolling our own

OpenBSD/src y8Ubm9rregress/usr.sbin/pkg_add/newcups/cups-2.2.8 +CONTENTS, regress/usr.sbin/pkg_add/newcups/cups-filters-1.20.3 +CONTENTS

   remove old cdrom=... property

OpenBSD/src eXTaE5Llib/libcrypto/bn bn_ctx.c, lib/libcrypto/man BN_CTX_start.3

   make BN_CTX_end(NULL) a NOOP for compatibility with documented behaviour
   in OpenSSL 1.1.1 even though in general, letting random functions
   accept NULL is not advisable because it can hide programming errors;

   "yes please" tb@
   "unfortunately I suspect you're right" jsing@
   "oh well" deraadt@

OpenBSD/src x2ltKRishare/man/man4 tpmr.4

   i broke the example slightly by making the driver more compliant with 802.1Q.
+6-31 files

OpenBSD/src cfMsEOgsbin/wsconsctl mousecfg.c mouse.c

   Add a field for enabling/disabling reverse scrolling.

   ok patrick@

OpenBSD/src 4MIEyxcsys/arch/amd64/amd64 acpi_machdep.c

   Restore msrs & pat on main cpu.  jcs observed a slow console on x1r7,
   and kettenis identified missing pat restore.
   Many other machines may be improved by this change.
   ok kettenis jcs
+3-11 files

OpenBSD/src 9cosvkPsys/dev/wscons wsmouse.c wsconsio.h

   Add a configuration option for reverse scrolling.

   ok patrick@

OpenBSD/src f3pDbq5sys/dev/pckbc pms.c

   Accept more elantech-v4 models, and apply a test for external buttons.

   Thanks to Alexander Cronheim.

   ok mpi@
+8-71 files

OpenBSD/src dMaaQQJetc/etc.amd64 login.conf

   The piggies have outgrown their pen again: Firefox 69 will no longer
   build in 5 GB of memory. Bump default datasize for pbuild to 6 GB.
   ok landry@ ajacoutot@
+2-21 files

OpenBSD/src DgIB0HSdistrib/sets/lists/comp clang.i386 clang.amd64


OpenBSD/src x8iX6RGshare/man/man4 ipmi.4

   Mention ipmi at acpi and ipmi at iic.  Add a short description for SSIF.
+6-21 files

OpenBSD/src 7qdKOaEsys/dev ipmi.c ipmivar.h, sys/dev/i2c ipmi_i2c.c files.i2c

   Add support for SMBus System Interface (SSIF).

   ok jmatthew@
+254-114 files

OpenBSD/src iOoS4Lcsys/dev/ata atascsi.c atascsi.h

   Remove some unused code left over from an ancient (i.e. 2007) attempt
   to present wd disks as sd drives.

   ok deraadt@
+2-252 files

OpenBSD/src gcWpKm6usr.sbin/smtpd mta.c

   use a specific and more relevant status message for failed smarthost

   ok gilles@
+5-21 files

OpenBSD/src qmX4e4jlib/libcrypto/man X509_INFO_new.3 X509_new.3

OpenBSD/src JGyJCvqetc/signify

   add 6.7 syspatch key

OpenBSD/src NAFY5WAlib/libcrypto/man ECDH_compute_key.3 DH_generate_key.3

   document ECDH_compute_key(3) and ECDH_size(3);
   feedback and OK tb@

OpenBSD/src v2GWXr4usr.sbin/pkg_add pkg_add.1, usr.sbin/pkg_add/OpenBSD

   -Pcdrom is nonsensical now, so error out properly on it.

   Prompted and okay danj@

OpenBSD/src F8ZneUYregress/usr.sbin/pkg_add my

   silently add -DDONTLOG
+2-11 files

OpenBSD/src 0RrKcSyusr.sbin/pkg_add/OpenBSD

   add a special flag -DDONTLOG so that regress test won't spam /var/log/messages

OpenBSD/src 9C63Z0Bsys/dev/pci/drm/amd/amdgpu amdgpu_object.c amdgpu_ib.c, sys/dev/pci/drm/include/drm/ttm ttm_set_memory.h

   define CONFIG_X86* in autoconf.h as needed and reduce diff to linux
   ok kettenis@

OpenBSD/src 4YES1PFsys/arch/armv7/sunxi sxiahci.c

   match on r40 ahci

   tested by and ok jsing@ ok kettenis@
+3-21 files

OpenBSD/src TuigPwVsys/dev/pci if_ix.c

   Enable TCP and UDP checksum offloading by default for ix(4).

   ok deraadt@
+1-31 files

OpenBSD/src nWc2ySJsys/dev/fdt sxiccmu_clocks.h

   Add missing OHCI clocks for Allwinner R40.

   tested by jsing@
+6-01 files

OpenBSD/src 6O9mbsqsys/scsi scsiconf.c

   Every "goto bad" in scsi_probedev() deserves a SC_DEBUG().
+17-61 files

OpenBSD/src 7r1yyrOlib/libcrypto/man CMS_sign.3 CMS_verify.3

   Tweak cross references, in particular making sure that
   all CMS pages are linked to CMS_ContentInfo_new(3) both ways
   and that closely related pages reference each other.

OpenBSD/src 6V7z31fusr.sbin/smtpd lka_filter.c lka_report.c

   version field was reserved but not discussed, this is done now

   ok millert@ martijn@