*) Added SCA hardening for modular field inversion in EC_GROUP through
a new dedicated field_inv() pointer in EC_METHOD.
This also addresses a leakage affecting conversions from projective
to affine coordinates.
[Billy Bob Brumley, Nicola Tuveri]
*) Change the info callback signals for the start and end of a post-handshake
message exchange in TLSv1.3. In 1.1.1/1.1.1a we used SSL_CB_HANDSHAKE_START
and SSL_CB_HANDSHAKE_DONE. Experience has shown that many applications get
confused by this and assume that a TLSv1.2 renegotiation has started. This
can break KeyUpdate handling. Instead we no longer signal the start and end
of a post handshake message exchange (although the messages themselves are
still signalled). This could break some applications that were expecting
the old signals. However without this KeyUpdate is not usable for many
applications.
[Matt Caswell]
*) Fix a bug in the computation of the endpoint-pair shared secret used
by DTLS over SCTP. This breaks interoperability with older versions
of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2. There is a runtime
switch SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG (off by default) enabling
interoperability with such broken implementations. However, enabling
this switch breaks interoperability with correct implementations.
*) Fix a use after free bug in d2i_X509_PUBKEY when overwriting a
re-used X509_PUBKEY object if the second PUBKEY is malformed.
[Bernd Edlinger]
*) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
[Richard Levitte]
*) Remove the 'dist' target and add a tarball building script. The
'dist' target has fallen out of use, and it shouldn't be
necessary to configure just to create a source distribution.
[Richard Levitte]
A multithreaded process may chroot during namei() and we end up with
vn_under() trying to reference the now unreferenced ni_rootdir.
Ok: David Holland <dholland@netbsd.org>
Reported-by: syzbot+889319cdf91a3d0373a9@syzkaller.appspotmail.com
./usr/include/$MACHINE and automatically add it.
add sun68k for sun2/sun3. tested on about 12 platforms.
there may be more failures to figure out but this should make
them all special cases rather than always expected cases.
fortunately, most builds don't see to hit these issues for
reasons i haven't determined yet.
for the userland (libc) version of humanize_number(),
except in a much more limited, and less harmful, way ...
If the value to be printed was > ~0/10 (eg ~0 itself) and
the buffer given was big enough to hold it, "umax" would overflow,
and the expected result was not produced (here at least the effect was
simply to scale the result for huge values by one unnecessary step,
rather than maximally scale all values usually generating 0E, but
incorrect nonetheless.)
A suitable test was actually there already - but the results
were not verified. So just add a test that the result string
is what is expected. (Previously for len==128 and bytes==10000
it would have returned "0E" now it returns 10000 as it should.)
When auto scaling, and the buffer is bigger than big enough
for the biggest possible number, don't try and calculate
the max value that will fit in the buffer - that calc
will overflow (guaranteed) and is useless, the value
we're formatting cannot possibly be bigger. So simply
use the unscaled value (the raw number).
While here, also avoid returning values that are larger
than the buffer len ... while it would be nice to be able
to find out how big the buffer should be so the data will
fit, the interface doesn't really allow that (the buffer
length passed in controls the scaling - at least when
auto scaling) and the code already does "return -1" when
it detects the buffer length is too small, even before
it works out how much would have been needed. So, rather
than returning a value > len (while truncating the result
to fit in len ... all courtesy of snprintf()) return -1
in this case as well.
Also, allow suffix==NULL (meaning "") - there's no reason
not to, and requiring users to pass in an explicit "" is
not useful.
fix mpii to adhere to physio diagnostic invariant that
fully processed data must not post an error:
1) verify expected scspi state via KASSERT() instead of just
setting the variables.
2) set xs->resid only in known good conditions
3) insure setting errors in all error paths and refrain
from clearing xs->resid in error paths.
While there do some cosmectic clean up:
1) extend and relocate some debug output
2) mpii HBAs can also manage non-disk devices like tapes etc,
so log that physical "devices" instead of physical "disks" are
attached or detached.
Tested with NEOSeries FlexStor II and luckily a broken tape drive 8-(
mpii0 at pci1 dev 0 function 0: vendor 1000 product 00ab (rev. 0x01)
mpii0: interrupting at irq 11
mpii0: HBA 9400-8i8e, firmware 3.0.4.0, MPI 2.6
mpii0: physical device inserted in slot 9
mpii0: physical device inserted in slot 13
mpii0: physical device inserted in slot 16
st0 at scsibus0 target 9 lun 0: <IBM, ULTRIUM-HH7, J4D1> tape removable
st0: density code 92, variable blocks, write-enabled
ch0 at scsibus0 target 9 lun 1: <BDT, FlexStor II, 5.50> changer removable
ch0: 23 slots, 2 drives, 1 picker, 1 portal
st0: tagged queueing
ch0: tagged queueing
st1 at scsibus0 target 13 lun 0: <IBM, ULTRIUM-HH7, J4D1> tape removable
st1: density code 92, variable blocks, write-enabled
st1: tagged queueing
ses0 at scsibus0 target 16 lun 0: <LSI, VirtualSES, 01> enclosure services fixed
Note: pullup-8
Add new tests verifying dup2(2) scenarios:
- kcov_dup2
- kcov_basic_dup2_pc
- kcov_basic_dup2_cmp
The dup2(2) trick is used by syzkaller and assert that it works.
All new tests pass.
While there add minor non-functional cleanup changes.
--- MAJOR NEW FEATURES ---
* apropos(1): improve POSIX compliance by accepting case-insensitive
extended regular expressions by default
* new -O tag[=term] output option (open a page at the definition of a term)
* tbl(7) -T html: spanning and horizontal and vertical alignment of cells
* tbl(7) -T html: draw lines on the edges of table cells
* tbl(7) -T utf8: render lines with the Unicode box drawing characters
* mandoc is now able to handle the manual pages of the groff package.
--- MINOR NEW FEATURES ---
* -T html: new option -O toc (table of contents)
* -T html: second argument to -O man to support local and remote links
* mdoc(7) .Bd -centered now fills the text contained in it
* man-ext .SY and .YS macros (synopsis block)
* man-ext .TQ macro (tagged paragraph without vertical space before it)
* tbl(7) \& explicit alignment indicator
* roff(7) .shift, .while, and .return requests
* roff(7) .char request (output glyph definition)
* roff(7) .nop request (no operation)
* roff(7) .ft request: handle the CB, CI, and CR fonts
* roff(7) .if c conditional (character available)
* roff(7) \\$@ escape sequence (insert all macro arguments, quoted)
* roff(7) \*(.T predefined string (interpolate output device name)
* roff(7) \[charNNN] escape sequence (for printable ASCII characters)
* roff(7) \# escape sequence (line continuation with comment)
--- HTML OUTPUT SYNTAX CORRECTIONS ---
* Render .br and \p as <br/>, not as an empty <div>.
* Render .Pp and .PP as <p> and automatically close it when needed.
* Stop writing empty list elements for non-compact .Bl -tag lists.
* Do not put <p> inside <a> if .UR or .MT contain .PP.
* Implement tooltips purely in CSS rather than abusing title= attributes.
--- MINOR FUNCTIONAL IMPROVEMENTS ---
* many improvements to the handling of fill and no-fill mode
* tbl(7): better column widths in the presence of horizontal spans
* several minor improvements to escape sequence handling
* several minor improvements to manual font handling
* portability: autodetect need for _GNU_SOURCE or _OPENBSD_SOURCE
* portability: autodetect whether less(1) supports the -T option
* large numbers of bugfixes of diverse kinds
--- STRUCTURAL IMPROVEMENTS ---
* Disentangle eqn(7) and tbl(7) from other parser header files,
and clean up some parser data structures.
* Substantially simplify error and warning message infrastructure.
--- THANKS TO ---
* John Gardner for crucial help implementing tooltips in CSS.
* Alexander Bluhm, Raphael Graf, Ted Unangst (OpenBSD)
and Daniel Sabogal (Alpine Linux) for patches.
* Anthony Bentley and Jason McIntyre (OpenBSD) for documentation patches,
suggesting new features, bug reports, and useful discussions.
* Kyle Evans and Baptiste Daroussin (FreeBSD) for minor patches.
* Pali Rohar for suggesting multiple new features and for reporting
several bugs and missing features.
* Klemens Nanni (OpenBSD) for suggesting multiple new features.
* Kristaps Dzonsons (bsd.lv), Marc Espie (OpenBSD), Adam Kalisz,
and Laura Morales for suggesting new features.
* Wolfram Schneider and Yuri Pankov (FreeBSD) for reporting missing features.
* Edward Tomasz Napierala (FreeBSD) for suggesting a feature improvement.
* Thomas Klausner (NetBSD) and Sevan Janiyan (SmartOS)
for bug reports and release testing.
* Bryan Steele, Janne Johansson, Kurt Mosiejczuk, Mike Belopuhov, Theo
Buehler, Todd Miller (OpenBSD), Andreas Gustafsson, Christos Zoulas,
Robert Elz (NetBSD), Kurt Jaeger (FreeBSD), Fabio Scotoni, Kelvin
Sherlock, Mark Harris, Orestis Ioannou, Raf Czlonka, and Sean Farrell
for bug reports.
* Ulrich Spoerlein (FreeBSD), Leah Neukirchen (Void Linux),
Matej Cepl (openSUSE), and Jan Stary (MacOS X) for release testing.
* Brian Callahan and Stuart Henderson (OpenBSD) for help
with the OpenBSD groff port.
* Bertrand Garrigues, Branden Robinson, Ralph Corderoy, and Werner
Lemberg (GNU troff) for checking groff patches.
* Scott Cheloha, Theo de Raadt (OpenBSD)
and Natanael Copa (Alpine Linux) for useful discussions.
kcov(4): Added driver for kernel coverage tracing
Register the entry with the current date as the driver has been just
finished.
Primary author of the port: Siddharth Muralee.
Review and major code improvements by <maxv>.
Various contributions by myself.
in some functions we disable the cassert() for clang. We should really have
a JEMALLOC_PROF_NORETURN and a way to mark the remaining of the function
unreachable.
Allow to specify mode in KCOV_IOC_ENABLE synchronizing the functionality
with Linux, FreeBSD and OpenBSD. As a NetBSD (and OpenBSD) specific of
the ioctl(2) interface, the mode argument has to be specified as &value
rather than value.
There are 3 modes available:
1. KCOV_MODE_NONE -- no trace specified, useful for testing purposes
2. KCOV_MODE_TRACE_PC -- trace the kernel program counter
3. KCOV_MODE_TRACE_CMP -- trace comparison instructions and switch statements
Adapt the ATF tests and documentation for new API.
The KCOV_MODE_TRACE_CMP mode is implemented but still awaits for the
GCC 8.x upgrade or selection of Clang/LLVM as the kernel compiler.
Obtained from OpenBSD and adapted for NetBSD by myself.
* Allow large pages to be passed in pmap_pdes_valid, this happens under
DDB when it reads RIP (.text), called via pmap_extract.
* Invert a branch in pmap_extract, so that 'l_cpu' is not touched if we're
dealing with the kernel pmap.
This fixes 'boot -d'.
integer (previously it was just clamped at the max possible value).
This would have caused
sleep 10000000000000000000
(or anything bigger) to have only actually slept for 9223372036854775807
secs. Someone would have noticed that happen, one day, in some other
universe.
This is now an error, as it was previously if this had been entered as
sleep 1e19
Also detect an attempt to sleep for so long that a time_t will no longer
be able to represent the current time when the sleep is done.
Undo the attempts to work around a broken kernel nanosleep()
implementation (by only ever issuing shortish sleep requests,
and looping). That code was broken (idiot botch of mine) though
you would have had to wait a month to observe it happen. I was going
to just fix it, but sanity prevailed, and the kernel got fixed instead.
That allows this to be much simplified, only looping as needed to
handle dealing with SIGINFO. Switch to using clock_nanosleep()
to implement the delay, as while our nanosleep() uses CLOCK_MONOTONIC
the standards say it should use CLOCK_REALTIME, and if that we
ever changed that, the old way would alter "sleep 5" from
"sleep for 5 seconds" to "sleep until now + 5 secs", which is
subtly different.
Always use %g format to print the original sleep duration in reports of how
much time remains - this works best for both long and short durations.
A couple of other minor (frill) mods to the SIGINFO report message as well.
go beyond the maximum that the callout mechanism can handle.
[See the comments in tvtohz() in subr_sleep.c for the details.]
When that happens the timeout is clamped to MAX_INT (ticks), and the
code in nanosleep1() looped (or tried to) repeating the sleep (aka
kpause()) until the requested end time for the sleep was reached.
Unfortunately, the code assumed that kpause() would return 0 when
it returned after the timeout expired. But it doesn't, it returns
EWOULDBLOCK instead (why is incomprehensible to me, but I assume
there is a reason.) [That comes from sleepq_block() which returns
EWOULDBLOCK when callout_halt() indicates that the callout had fired,
which is exactly what has happened when the time has elapsed.]
There was already code to deal with that EWOULDBLOCK and return 0
instead of an error in that case - but it was placed after the
error code was tested against 0 for the purposes of the loop.
Simply move the EWOULDBLOCK->0 mapping earlier, so the code which
is expecting "error == 0" to mean "nothing went wrong" actually
gets to see that happen, and the loop can actually loop.
(Someday the loop should probably be rewritten as a loop, instead of
as a bunch of code followed by a "goto again"!)
