Fix pctr(4) issues with MP and suspend:
- use an IPI to notify other CPUs toi update CR4 and the MSRs
- use the cpu(4) resume callback to restore the pctr(4) settings after
ok kettenis@ deraadt@
Defer sigalgs selection until the certificate is known.
Previously the signature algorithm was selected when the TLS extension was
parsed (or the client received a certificate request), however the actual
certificate to be used is not known at this stage. This leads to various
problems, including the selection of a signature algorithm that cannot be
used with the certificate key size (as found by jeremy@ via ruby regress).
Instead, store the signature algorithms list and only select a signature
algorithm when we're ready to do signature generation.
Joint work with beck@.
Rework ssl_ctx_use_certificate_chain_bio() to use the CERT_PKEY chain.
This means that any additional CA certificates end up on the per
certificate chain, rather than the single/shared extra_certs.
Also simplify this code and in particular, avoid setting the return value
to indicate success until we've actually succeeded.
ok beck@ tb@
Rework ssl3_output_cert_chain() to take a CERT_PKEY and consider chains.
We will now include the certificates in the chain in the certificate list,
or use the existing extra_certs if present. Failing that we fall back to
the automatic chain building if not disabled.
This also simplifies the code significantly.
ok beck@ tb@
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently
remains in the x509 member of CERT_PKEY. Unfortunately we've got to
contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf
certificate while others include it...
ok beck@ tb@
Increase the default RSA key size to 3072 bits. Based on the estimates
from NIST Special Publication 800-57, 3k bits provides security equivalent
to 128 bits which is the smallest symmetric cipher we enable by default.
ok markus@ deraadt@
Revert back to using previous values for EFIFB_WIDTH and EFIFB_HEIGHT,
as raising them expose an issue which breaks inteldrm on large screen
Reported by chris@, and by Lucas Raab on bugs@. Thanks!
virtio: Prepare for 64 feature bits
virtio 1.0 supports an arbitrary number of feature bits. However, so far
no more than 64 are used (compared to 32 in virtio 0.9). Adjust data
types to support 64 feature bits.
Later, we may want to use bitmaps and setbit(), ... to support even more
virtio: adjust virtio_setup_queue prototype for 1.0
Make it take an address instead of a PFN.
Pass the virtqueue pointer. In virtio 1.0, more information has to be
configured in the device. Also call virtio_setup_queue() after the
information has been filled in.
Make stat(2) and access(2) need UNVEIL_READ instead of UNVEIL_INSPECT
UNVEIL_INSPECT is a hack we added to get chrome/glib working. It silently
adds permission for stat(2), access(2), and readlink(2) to be used on
all path components of any unveil'ed path. robert@ has sucessfully now
fixed chrome/glib to not require exessive TOC vs TOU stat(2) and access(2)
calls on the paths it uses, so that this no longer needed there.
readlink(2) is the sole call that is now permitted by UNVEIL_INSPECT,
and this is only needed so that realpath(3) can work. Going forward we will
likely make a realpath(2), after which we can completely deprecate
In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read. We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that.
Do not check every resolver every 30 seconds as that is wasteful and
Trigger a check
- on startup
- when forwarders change on config reload
- when dhcp provided forwarders change
- on network interface state change
When a check finishes and the checked resolver cannot resolve anything
configure a timer to run another check in the future using an
exponential backoff for the timeout.
If ssl_cipher_apply_rule() is given a specific cipher suite, match on it.
Otherwise matching a specific cipher is performed by matching against
its characteristics, which can result in multiple rather than a single
Found by bluhm@'s regress tests.
ok bluhm@ tb@
Add a quirk for the Huawei Matebook X to activate the right-side
speaker on its Dolby Atmos system.
Through some extensive tracing of the Realtek Windows driver, I
found the many hundreds of CORB commands that the Windows driver
sends to initialize Dolby Atmos and activate both speakers.
The list of CORB commands was optimized by Tomas Espeleta to reduce
file size and then implemented in azalia by Stefan Sperling.
ok stsp, deraadt
Revert rasops32_putchar() changes introduced in revision 1.8.
This significantly speeds up character plotting on inteldrm and
radeondrm, and also on efifb(4) since the driver now remaps the
framebuffer in write combining mode.
OK kettenis@, jcs@
do not call assert(), which has a tendency to leave traces of stuff in
corefiles. Instead call OPENSSL_assert(), which has recently been trained
to do this in a safer (if more awkward to debug) way.
discussed with jsing and beck a while back
Treat time from remote as unsigned 32 bit rather than signed, when
casting it into a time_t. If the remote doesn't muck things up, we may
make it through 2038.. (best that can be done without protocol repair