OpenBSD/src KI851vasys/net if_bridge.c

   Skip SPD lookups for short packets on IPsec-enabled bridge

   When short packets are sent to the bridge with IPsec enabled,
   an incorrect error path can be taken which leads to a lookup
   of an SPD entry using an uninitialized SPI. Most of the time
   this will fail, however there's a chance that an existing SPD
   entry corresponds to the provided SPI which leads to use of
   another uninitialized variable used to offset the IP or IPv6
   header in order to get to the security protocol header.

   ESP performs packet length checks and will fail when such
   packets will reach it, but AH and IPComp don't have similar
   checks and are affected the most.

   CID 1452946, 1452957; Severity: Major

   OK millert, visa, bluhm
VersionDeltaFile
1.298+3-3sys/net/if_bridge.c
+3-31 files

OpenBSD/src iXSWXJ2usr.bin/tmux tmux.1 alerts.c

   Add monitor-bell window option to match the activity and silence
   options, from Brad Town.

OpenBSD/src Xr3xnWSusr.sbin/syspatch syspatch.sh

   Honor TMPDIR if it is set to prevent erroring in some setup.

   reported by Igor Falcomata
VersionDeltaFile
1.121+2-2usr.sbin/syspatch/syspatch.sh
+2-21 files

OpenBSD/src Hyzy3kYusr.sbin/sysmerge sysmerge.sh

   We're a shell script, so honor TMPDIR.
   While here, use consistent variable substitution.
VersionDeltaFile
1.231+5-5usr.sbin/sysmerge/sysmerge.sh
+5-51 files

OpenBSD/src s76iypzsys/kern subr_hibernate.c

   print why the signature block check of an unhibernate attempt failed, to
   let people know what changed.

   ok kettenis, phessler
VersionDeltaFile
1.123+5-5sys/kern/subr_hibernate.c
+5-51 files

OpenBSD/src Mvash3psys/net80211 ieee80211_pae_input.c ieee80211_node.h

   Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA
   group keys are being reused. OpenBSD wireless clients will now leave a
   trail of such events in their message log.

   There has been increased public scrutiny of WPA's security recently, so
   I am curious to see if anyone is attempting replay attacks in the wild.

   ok deraadt

OpenBSD/src zTVZFS9distrib/alpha/bsd.rd Makefile, distrib/alpha/common Makefile.inc

   add two more strips

OpenBSD/src zi9UXMvsys/dev/acpi acpi.c dwiic.c

   Make dwiic(4) attach its ACPI parent dependencies.
   This change makes the Asus E200HA keyboard work.

   Original analysis and patch by Cesare Gargano
   ok kettenis@

OpenBSD/src 9G8QnNtbin/expr expr.1

   Explicitly say that expr(1) handles decimal integers only, as mandated
   by POSIX and as implemented in our utility; triggered by a question from
   Alessandro DE LAURENZIS <just22 at atlantide dot t28 dot net> on misc@.
   OK millert@
VersionDeltaFile
1.24+8-7bin/expr/expr.1
+8-71 files

OpenBSD/src d1zBULLlibexec/ld.so/i386 ldasm.S

   remove accidentally duplicated cpp chunks
   ok kettenis
VersionDeltaFile
1.31+10-32libexec/ld.so/i386/ldasm.S
+10-321 files

OpenBSD/src zV3Y723regress/sys/kern/noexec testfly.S

   ENTRY() requires END()
VersionDeltaFile
1.4+4-1regress/sys/kern/noexec/testfly.S
+4-11 files

OpenBSD/src 77fSrz1libexec/ld.so strtol.c

   Adapt the commit in libc that changes how a string like "0xy" is
   parsed.  OK deraadt@
VersionDeltaFile
1.3+4-3libexec/ld.so/strtol.c
+4-31 files

OpenBSD/src EyI8csXsys/arch/amd64/amd64 vm_machdep.c, sys/arch/i386/i386 vm_machdep.c

   Randomly bias downwards from the top of each kernel stack, thereby
   introducing more entropy into stack locations.
   TODO: consider if we should fill that space with something specific?
   discussed with mlarkin, mortimer, guenther, kettenis, etc etc etc

OpenBSD/src S8goLiyetc/etc.loongson login.conf, etc/etc.octeon login.conf

   crank memory limits

OpenBSD/src ND65mK7sys/kern kern_bufq.c

   Correct the check when selecting an elevator

   Coverity CID 1453358; Severity: unlikely, not user-visible

   ok millert, visa
VersionDeltaFile
1.32+2-2sys/kern/kern_bufq.c
+2-21 files

OpenBSD/src klwxgKYdistrib/sparc64/ramdisk Makefile, distrib/sparc64/ramdiskB Makefile

   additional strip -R .SUNW_ctf needed

OpenBSD/src THVFahssys/net pf_table.c

   Validate pfra_type after copyin before using it to index an array

   Don't trust the value of pfra_type blindly since it's coming from
   userland and sanitize it in pfr_validate_addr that is called after
   every copyin and also perform the check in pfr_create_kentry before
   we attempt to use the value not after.

   Coverity CID 1452909, 1453097, 1453384; Severity: Minor
   It can be triggered only by root by default or anyone with write
   access to /dev/pf if such access is provided.

   ok visa, bcook, sashan, jsg
VersionDeltaFile
1.127+6-4sys/net/pf_table.c
+6-41 files

OpenBSD/src ZPduM5bregress/lib/libc/locale/uselocale uselocale.c

   test locale priorities and overrides

OpenBSD/src VjegjPGregress/lib/libc/locale/uselocale uselocale.c

OpenBSD/src xub9z9Vgnu/usr.bin/gcc/gcc c-opts.c toplev.c

   have -Wno-* work the same on gcc3 as well.
   old patch, belated test by aoyama@, okay aoyama@

OpenBSD/src 35g8taSusr.bin/tmux cmd-display-panes.c tmux.1

   Add -d flag to display-panes to specify timeout, and make 0 mean no
   timeout. From Laurens Post.

OpenBSD/src D6TWvLdusr.bin/tmux alerts.c tmux.h

   Rename BELL_* values to ALERT_* now they are used by more than bells,
   based on a diff from Brad Town.

OpenBSD/src dbbkDtishare/man/man4/man4.armv7 amdisplay.4

   tweak previous; ok ians
VersionDeltaFile
1.2+17-14share/man/man4/man4.armv7/amdisplay.4
+17-141 files

OpenBSD/src VMKiA8Pregress/lib/libc/locale/uselocale uselocale.c Makefile

OpenBSD/src 1rp8I4dsys/dev/ic r92creg.h rtwn.c, sys/dev/usb if_urtwn.c

   Mostly cosmetic changes to make things a bit more consistant:
   - rename bit definition of R88E_TX_RPT1_ENA to reflect reality
   - no need to set R92C_FPGA0_ANAPARAM2 for 40mhz for rtl8188eu
   - in rtwn_write_txpower(), writing to MCS8-15 power registers if the WNIC
     has 2 spatial streams

   ok stsp@
VersionDeltaFile
1.13+46-47sys/dev/ic/r92creg.h
1.28+8-6sys/dev/ic/rtwn.c
1.74+2-2sys/dev/usb/if_urtwn.c
+56-553 files

OpenBSD/src PwLhyfuregress/lib/libc/locale/uselocale uselocale.c Makefile

   refactor in preparation for testing more functions; no functional change

OpenBSD/src QB3JvmIbin/ksh alloc.c

   Remove expensive pointer check in afree()

   The check added in rev 1.8 walks the whole freelist to catch cases where
   an unknown pointer is passed to afree(); but it can't catch cases
   whether the struct link has been corrupted by an invalid memory write.
   And it becomes very expensive when you have lots of items in an area
   (for example with a huge HISTSIZE).

   Discussed with & ok millert@ tb@
VersionDeltaFile
1.17+2-10bin/ksh/alloc.c
+2-101 files

OpenBSD/src dSbcCL1sys/netinet tcp_usrreq.c ip_gre.c, sys/netinet6 raw_ip6.c

   Convert hand rolled sockaddr checks to the nam2sin functions.
   Especially in tcp_usrreq() connect detect the correct address family
   based on the inp_flags instead of the sa_family user input.
   OK mpi@
VersionDeltaFile
1.153+21-29sys/netinet/tcp_usrreq.c
1.117+12-17sys/netinet6/raw_ip6.c
1.66+2-4sys/netinet/ip_gre.c
+35-503 files

OpenBSD/src yd56giSgames/fortune/datfiles fortunes

   typo: on -> of

   From Scott Cheloha
VersionDeltaFile
1.52+1-1games/fortune/datfiles/fortunes
+1-11 files

OpenBSD/src dfMjSpxregress/sys/fileops fileops2.pl Makefile.inc

   Add test cases for msdosfs bug

   Add a test that writes a big file, reads it again, and compares the result.
   This detects the bug that briefly was in msdosfs.

   Also add tests that create lots of files in a directory. Do this in the root
   dir and a subdir because these work completely differently on msdosfs.  Need to
   enlarge the used disk images for this test.

   ok bluhm@

OpenBSD/src d28Mx7qsys/arch/amd64/amd64 vmm.c

   vmm: inject #DB after emulated instructions if guest RFLAGS.TF is set

   ok pd
VersionDeltaFile
1.165+41-2sys/arch/amd64/amd64/vmm.c
+41-21 files

OpenBSD/src ELdqrBqusr.sbin/vmctl main.c vmctl.h

   merge parse_vmid() and parse_vmname()

   ok mlarkin@ pd@
VersionDeltaFile
1.32+15-37usr.sbin/vmctl/main.c
1.17+2-3usr.sbin/vmctl/vmctl.h
+17-402 files

OpenBSD/src blJjllMusr.bin/ctfconv ctfstrip

   proper fix for previous and add missing quotes

   from tb@
   ok visa@ mpi@
VersionDeltaFile
1.8+6-6usr.bin/ctfconv/ctfstrip
+6-61 files

OpenBSD/src emWs71Nusr.sbin/vmd vmd.c vmm.c

   vmd: fix vm id displayed by vmctl when receiving a vm

   Also fix two debug messages and an IMSG type.
VersionDeltaFile
1.67+4-4usr.sbin/vmd/vmd.c
1.72+4-1usr.sbin/vmd/vmm.c
+8-52 files

OpenBSD/src mJt2tgNlib/libc/thread rthread_sync.c rthread_cond.c

   s/DEF_STD/DEF_STRONG/ to match namespace.h differences between librthread
   and libc

OpenBSD/src 5VygELylib/libc/hidden sched.h, lib/libc/hidden/sys futex.h

   Wrap <sched.h> and <sys/futex.h> so that internal calls go direct

OpenBSD/src TU99Y0Zlib/libc/thread rthread.c rthread_file.c

   Sort headers per style(9)

OpenBSD/src TgwgXZWlib/libc/arch/aarch64/gen _atomic_lock.c

   Copy files from ../librthread in preparation for moving functionality
   from libpthread to libc.  No changes to the build yet, just making it
   easier to review the substantive diffs.

   ok beck@ kettenis@ tedu@

OpenBSD/src 2ly112plib/libc/thread rthread_sync.c rthread.c

   Copy files from ../librthread in preparation for moving functionality
   from libpthread to libc.  No changes to the build yet, just making it
   easier to review the substantive diffs.

   ok beck@ kettenis@ tedu@

OpenBSD/src iuTuMA7sys/net if_spppsubr.c, sys/netinet6 in6.c in6_var.h

   After we stopped processing router advertisements in the kernel
   sppp_update_ip6_addr() became the last user of n6_are_prefix_equal().
   Since it compares /128 prefixes it doesn't need all the bells and
   whistles and can be converted to a memcmp. Remove the now unused
   n6_are_prefix_equal().
   OK bluhm, mpi
VersionDeltaFile
1.211+1-27sys/netinet6/in6.c
1.172+3-3sys/net/if_spppsubr.c
1.69+1-2sys/netinet6/in6_var.h
+5-323 files

OpenBSD/src LPLSjUOsys/arch/armv7/omap amdisplay.c

   Convert to FDT-based interrupt establish API.
VersionDeltaFile
1.3+3-4sys/arch/armv7/omap/amdisplay.c
+3-41 files

OpenBSD/src foGoWP2sys/arch/armv7/omap nxphdmi.c

   Apply KNF and fix whitespaces.
VersionDeltaFile
1.2+43-44sys/arch/armv7/omap/nxphdmi.c
+43-441 files

OpenBSD/src f5LNwSvsys/arch/armv7/omap amdisplay.c amdisplayreg.h

   Apply KNF and fix whitespaces.

OpenBSD/src LHIvCN2regress/sys/net/pf_divert remote.pl Packet.pm

   Add tests for pf divert-packet.  Currently UDP packets are tested
   with in and out rules.  A single packet, the initial packet or the
   response packet are diverted and reinjected.

OpenBSD/src snBl6B8sys/kern vfs_lookup.c

   remove parens that were copied from ndinit's previous life as a macro
VersionDeltaFile
1.64+7-7sys/kern/vfs_lookup.c
+7-71 files

OpenBSD/src CxY2pT9sys/kern genassym.sh

   create a temp directory for all the temp files instead of trying to name
   them one at a time. solves a problem where .d files were showing up with
   static names.
   ok deraadt
VersionDeltaFile
1.13+7-7sys/kern/genassym.sh
+7-71 files

OpenBSD/src qYijFIRusr.bin/pkg-config pkg-config

   Strip out -I/usr/include and -L/usr/lib from the --cflags/--libs output.

   fd.o pkg-config doesn't emit them either, and libpng now exposed the issue
   as tracked down by naddy@
VersionDeltaFile
1.89+16-4usr.bin/pkg-config/pkg-config
+16-41 files

OpenBSD/src x3luQuiregress/usr.bin/pkg-config Makefile, regress/usr.bin/pkg-config/pcdir filter.pc

   add static test too

OpenBSD/src 5jnpBFgusr.bin/pkg-config pkg-config

   remove vax leftover
VersionDeltaFile
1.88+2-2usr.bin/pkg-config/pkg-config
+2-21 files

OpenBSD/src 4VEwOgllibexec/ld.so/amd64 ldasm.S, libexec/ld.so/i386 ldasm.S

   Align text locations to 16 (instead of 4) to match modern recommendations
   (generally associated with hardwired BTC limitations).  And then fill
   those alignments with 0xcc (int 3) to match our trapsled model.  Resulting
   binaries show no sequential nop's.
   ok mlarkin kettenis mortimer