OpenBSD cvs log

created 2022-03-17T09:05:13Z
begin 2021-11-17T00:00:00Z
end 2021-11-24T00:00:00Z
path src/sys
commits 59

date 2021-11-17T06:20:30Z
author anton
files src/sys/dev/usb/uhidev.c log diff annotate
message Fix a double free in uhidev_close() caused by a race between
uhidev_open() and uhidev_close(). In uhidev_close() the UHIDEV_OPEN flag
is cleared early on but the same thread can end up sleeping while
closing the input or output pipe. This allows another thread to enter
uhidev_open() but only to fail opening either the input or output pipe
since they are already open for exclusive use. The uhidev_open() error
path frees the input buffer but leaves a dangling pointer around;
causing uhidev_close() to free the same buffer.

This can at least happen on xhci(4) which can end up sleeping in
xhci_pipe_close().

Reported by and ok gnezdo@

date 2021-11-17T06:21:23Z
author anton
files src/sys/dev/usb/ucc.c log diff annotate
message ucc does not claim multiple report ids

date 2021-11-17T06:22:14Z
author anton
files src/sys/dev/usb/uhidpp.c log diff annotate
message uhidpp does claim multiple report ids

date 2021-11-17T15:15:32Z
author stsp
files src/sys/dev/pci/if_iwm.c log diff annotate
message Disable active scanning on iwm(4) 9260 and 9560.

For some reason, if we send a scan command that actively scans for a
particular SSID with probe requests, the device will occasionally lock
up after associating to the AP, with no interrupts, totally dead.
The symptom of this is an interface that shows as "active" in ifconfig
but does not receive or transmit any packets.

Observed by kmos@ for some time already, and myself while testing new
Intel wifi firmware versions on iwm(4) 9560.

This problem was also observed on AX200 by me with old firmware. We had
the same workaround in place for iwx(4) for some time, until we upgraded
that driver to use newer firmware which uses a different scan command.

Workaround tested by kmos@ and myself.

date 2021-11-17T18:00:24Z
author bket
files src/sys/net/if_sppp.h log diff annotate
src/sys/net/if_spppsubr.c log diff annotate
message Display DNS information from sppp(4) in ifconfig(8)

Behaviour is similar to that of umb(4).

OK kn@

date 2021-11-17T22:56:19Z
author mvs
files src/sys/kern/uipc_usrreq.c log diff annotate
message When unp_connect() releases both solock() and vnode(9) locks the socket we
were connected could be closed by concurrent thread. Check connection
state and return ECONNREFUSED if the connection was lost.

ok bluhm@

date 2021-11-18T11:04:10Z
author sthen
files src/sys/netinet/ip_ipsp.c log diff annotate
message printing udpencap_port in ddb requires ntohs not ntohl. use better format
string. help claudio@ ok bluhm@

date 2021-11-18T16:57:59Z
author tb
files src/sys/dev/vnd.c log diff annotate
message vndsetcred: don't a reference to credentials in error path.

ok deraadt

date 2021-11-19T02:51:05Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm: panel-orientation-quirks: Add quirk for Aya Neo 2021

From Bryant Mairs
bc3e73ebb79b01abc121703669c65f54f0023cfe in linux 5.10.y/5.10.80
def0c3697287f6e85d5ac68b21302966c95474f9 in mainline linux

date 2021-11-19T02:53:39Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm: panel-orientation-quirks: Add quirk for GPD Win3

From Mario Risoldi
7d1fb5c12cc0c88159ebf946385141ed3019f009 in linux 5.10.y/5.10.80
61b1d445f3bfe4c3ba4335ceeb7e8ba688fd31e2 in mainline linux

date 2021-11-19T02:56:07Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)

From Hans de Goede
780fff2c75f096f3bc46855b105b83b4cec5cba7 in linux 5.10.y/5.10.80
820a2ab23d5eab4ccfb82581eda8ad4acf18458f in mainline linux

date 2021-11-19T02:59:07Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1

From Hans de Goede
62b90d7eeb6deb0124dcfe1b12f41c1524d26352 in linux 5.10.y/5.10.80
a53f1dd3ab9fec715c6c2e8e01bf4d3c07eef8e5 in mainline linux

date 2021-11-19T03:01:48Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6

From Hans de Goede
509ae4a4f0745bff108723e5d9a61b1113ea89fe in linux 5.10.y/5.10.80
88fa1fde918951c175ae5ea0f31efc4bb1736ab9 in mainline linux

date 2021-11-19T03:03:57Z
author jsg
files src/sys/dev/pci/drm/drm_panel_orientation_quirks.c log diff annotate
message drm/panel-orientation-quirks: add Valve Steam Deck

From Simon Ser
7987f31e54a2a453c54bdc516fe7a48035fddf03 in linux 5.10.y/5.10.80
9eeb7b4e40bfd69d8aaa920c7e9df751c9e11dce in mainline linux

date 2021-11-19T03:06:01Z
author jsg
files src/sys/dev/pci/drm/amd/amdgpu/vcn_v2_0.c log diff annotate
src/sys/dev/pci/drm/amd/amdgpu/vcn_v2_5.c log diff annotate
message drm/amdgpu: Fix MMIO access page fault

From Andrey Grodzovsky
2114f80889d89f96e65e0f8a74bd0ecf10b658f5 in linux 5.10.y/5.10.80
c03509cbc01559549700e14c4a6239f2572ab4ba in mainline linux

date 2021-11-19T03:08:23Z
author jsg
files src/sys/dev/pci/drm/amd/amdkfd/kfd_device.c log diff annotate
message drm/amdkfd: fix resume error when iommu disabled in Picasso

From Yifan Zhang
832fad367cac9ca075a1aff92e21dc77ea308e96 in linux 5.10.y/5.10.80
6f4b590aae217da16cfa44039a2abcfb209137ab in mainline linux

date 2021-11-19T03:10:49Z
author jsg
files src/sys/dev/pci/drm/amd/display/dc/dcn20/dcn20_resource.c log diff annotate
message drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled

From Anson Jacob
6f038b1a941e87886f6bbced0a65aea343a9859e in linux 5.10.y/5.10.80
bc39a69a2ac484e6575a958567c162ef56c9f278 in mainline linux

date 2021-11-19T03:12:48Z
author jsg
files src/sys/dev/pci/drm/ttm/ttm_bo_vm.c log diff annotate
message drm/ttm: stop calling tt_swapin in vm_access

From Matthew Auld
cbbf816cb7f9a84696b1f6277fee85c67a1c590c in linux 5.10.y/5.10.80
f5d28856b89baab4232a9f841e565763fcebcdf9 in mainline linux

date 2021-11-19T03:17:33Z
author jsg
files src/sys/dev/pci/drm/amd/amdgpu/amdgpu_bo_list.c log diff annotate
src/sys/dev/pci/drm/amd/amdgpu/amdgpu_bo_list.h log diff annotate
message drm/amdgpu: fix warning for overflow check

From Arnd Bergmann
375150b3aaf8cf7d01f6f0b582e264dd2fded814 in linux 5.10.y/5.10.80
335aea75b0d95518951cad7c4c676e6f1c02c150 in mainline linux

date 2021-11-19T03:19:13Z
author jsg
files src/sys/dev/pci/drm/amd/amdgpu/gmc_v6_0.c log diff annotate
message drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits

From Alex Deucher
ae1f588ca1b0c9e2f82c14479e408759a786f701 in linux 5.10.y/5.10.80
403475be6d8b122c3e6b8a47e075926d7299e5ef in mainline linux

date 2021-11-19T03:22:29Z
author jsg
files src/sys/dev/pci/drm/drm_plane_helper.c log diff annotate
message drm/plane-helper: fix uninitialized variable reference

From Alex Xu
2e548581fe5b48730d814916bd6bb8f8d8b5375a in linux 5.10.y/5.10.80
7be28bd73f23e53d6e7f5fe891ba9503fc0c7210 in mainline linux

date 2021-11-19T04:00:53Z
author guenther
files src/sys/arch/amd64/include/specialreg.h log diff annotate
src/sys/arch/i386/include/specialreg.h log diff annotate
message Correct the CPUID() and CPUID_LEAF() macros to not include a trailing
semicolon

ok deraadt@

date 2021-11-19T07:56:53Z
author dlg
files src/sys/dev/usb/uchcom.c log diff annotate
message let CH340 chips keep working in 8N1 mode.

they get confused if you try to configure them and don't work at
all otherwise. CH341 seems fine otherwise.

from miod
tested by me and Felix Kronlage-Dam

date 2021-11-19T07:58:34Z
author dlg
files src/sys/dev/usb/uchcom.c log diff annotate
message whitespace tweaks. no functional change.

a lot more knf could be sprinkled in this file...

date 2021-11-19T13:05:19Z
author stsp
files src/sys/dev/pci/if_iwm.c log diff annotate
src/sys/dev/pci/if_iwx.c log diff annotate
message Fix monitor mode on iwm(4) and iwx(4).

Set sc->ns_nstate when bypassing the driver's newstate handler while
bringing the interface down.
Otherwise, if the interface was already running, the INIT->RUN transition
which kicks off monitor mode will appear as a RUN->RUN transition to the
driver's newstate handler, and the handler will do nothing.
Monitor mode did not work as a result.

date 2021-11-19T15:58:36Z
author kettenis
files src/sys/kern/sys_futex.c log diff annotate
message Make futexes work in shared anonymous memory.

ok mpi@

date 2021-11-21T02:54:56Z
author bluhm
files src/sys/netinet/ip_ipsp.c log diff annotate
src/sys/netinet/ipsec_input.c log diff annotate
message Fix whitespace and long lines.

date 2021-11-21T11:00:40Z
author kettenis
files src/sys/dev/fdt/bcm2835_bsc.c log diff annotate
message Register i2c bus.

ok jsg@

date 2021-11-21T11:02:21Z
author kettenis
files src/sys/dev/fdt/files.fdt log diff annotate
src/sys/dev/fdt/iicmux.c log diff annotate
message Add iicmux(4), a driver that switches between I2C busses connected to
a single I2C controller by using the pin muxing facilities of an SoC.

ok visa@

date 2021-11-21T16:17:48Z
author mvs
files src/sys/netinet/ip_ah.c log diff annotate
src/sys/netinet/ip_esp.c log diff annotate
src/sys/netinet/ip_ipcomp.c log diff annotate
src/sys/netinet/ip_ipsp.c log diff annotate
src/sys/netinet/ip_ipsp.h log diff annotate
message Add the new `ipsec_exctdb' ipsec(4) counter to count and expose to the
userland the TDBs which exceeded hard limit.

Also the `ipsec_notdb' counter description in header doesn't math to
netstat(1) description. We never count `ipsec_notdb' and the netstat(1)
description looks more appropriate so it's used to avoid confusion with
the new counter.

ok bluhm@

date 2021-11-21T23:07:11Z
author deraadt
files src/sys/dev/vnd.c log diff annotate
message correct the vnd-on-vnd dev_t test, and avoid leaking a cred in an
obscure condition
ok tb

date 2021-11-22T03:30:20Z
author jsg
files src/sys/dev/usb/uhidev.c log diff annotate
message avoid clang -Wsometimes-uninitialized warning with SMALL_KERNEL

date 2021-11-22T10:17:14Z
author mglocker
files src/sys/dev/usb/ehci.c log diff annotate
src/sys/dev/usb/if_athn_usb.c log diff annotate
src/sys/dev/usb/if_otus.c log diff annotate
src/sys/dev/usb/if_run.c log diff annotate
src/sys/dev/usb/if_wi_usb.c log diff annotate
src/sys/dev/usb/if_zyd.c log diff annotate
src/sys/dev/usb/ohci.c log diff annotate
src/sys/dev/usb/uaudio.c log diff annotate
src/sys/dev/usb/udl.c log diff annotate
src/sys/dev/usb/uhci.c log diff annotate
src/sys/dev/usb/umass_scsi.c log diff annotate
src/sys/dev/usb/utvfu.c log diff annotate
src/sys/dev/usb/uvideo.c log diff annotate
src/sys/dev/usb/xhci.c log diff annotate
message Align memory allocation for USB device drivers and USB HC drivers:

* USB device drivers use M_USBDEV instead of M_DEVBUF.
* USB HC drivers use M_USBHC instead of M_DEVBUF.

In a vanilla setup, this enlarges the USB memory pool.

ok anton@

date 2021-11-22T10:23:42Z
author stsp
files src/sys/dev/pci/if_iwm.c log diff annotate
message Let iwm(4) resume directly in DVACT_WAKEUP instead of running the init task.

Same change as made for iwx(4) some time ago.

tested by myself and bket@

date 2021-11-22T10:31:58Z
author stsp
files src/sys/dev/pci/if_iwxreg.h log diff annotate
src/sys/dev/pci/if_iwxvar.h log diff annotate
message Fix iwx(4) Tx ring array size which was one entry too short.

Fortunately, this bug was harmless. The last Tx agg queue is never used
because ieee80211_classify() only returns TID values in the range 0 - 3.
And iterations over the txq array use nitems() to find the upper bound.

The possiblity of shrinking the txq array by 4 elements to get rid of
unused Tx agg queues could be investigated later.
For now, just fix the off-by-one error.

ok kettenis@

date 2021-11-22T10:47:55Z
author stsp
files src/sys/dev/pci/if_iwx.c log diff annotate
message In iwx(4), fix off-by-one errors during TID value bounds checks.

The TID is used as an array index and, according to the Linux driver,
must be smaller than IWX_MAX_TID_COUNT (8). The AP might request an Rx
aggregation session using TID 8. Our driver uses the TID as an index into
an array of IEEE80211_NUM_TID (16) elements, and hence would not crash.
However, the index is exposed to firmware which could potentially crash
or raise an assertion failure for values >= 8.

ok kettenis@

date 2021-11-22T10:54:36Z
author stsp
files src/sys/dev/pci/if_iwx.c log diff annotate
src/sys/dev/pci/if_iwxvar.h log diff annotate
message Let iwx(4) use per-Tx-queue interface timers to ensure that the interface
watchdog will trigger a device timeout if a particular Tx queue gets stuck
while other Tx queues keep working.

The Linux driver is using a similar workaround for "stuck queues".

Tested by myself and jmc@

date 2021-11-22T11:00:50Z
author stsp
files src/sys/dev/pci/if_iwm.c log diff annotate
message Make iwm(4) update an Rx BA session's last_rx timestamp when a frame
is received which matches the session.

Tested by myself and bket@

date 2021-11-22T11:01:12Z
author stsp
files src/sys/dev/pci/if_iwx.c log diff annotate
message Make iwx(4) update an Rx BA session's last_rx timestamp when a frame
is received which matches the session.

Same change as just made in iwm(4).

date 2021-11-22T11:29:17Z
author anton
files src/sys/dev/usb/ukbd.c log diff annotate
src/sys/dev/usb/ums.c log diff annotate
message Add missing claim multiple report ids conditionals to uhidev drivers.

date 2021-11-22T11:29:18Z
author anton
files src/sys/dev/usb/umstc.c log diff annotate
src/sys/dev/usb/utpms.c log diff annotate
src/sys/dev/usb/uwacom.c log diff annotate
message Add missing claim multiple report ids conditionals to uhidev drivers.

date 2021-11-22T11:30:16Z
author anton
files src/sys/dev/usb/uhidev.c log diff annotate
src/sys/dev/usb/uhidev.h log diff annotate
message Drop the old problematic claim multiple report ids logic now that all
uhidev drivers have been fixed.

date 2021-11-22T11:46:11Z
author mglocker
files src/sys/dev/usb/ehci.c log diff annotate
message M_USB -> M_USBHC

date 2021-11-22T12:55:40Z
author dv
files src/sys/arch/amd64/amd64/vmm.c log diff annotate
message vmm(4): copyout guest state on VM_EXIT_NONE

Partly related to a bug reported by kn@. We should be copying out
the guest exit state (including registers) when we succesfully
return from the vcpu run loop even if we don't require an emulation
assist from userland/vmd(8). This condition was introduced when I
removed the use of yield() and instead exit the kernel if the
scheduler says we've hogged the cpu.

ok mlarkin@

date 2021-11-22T12:56:04Z
author jsg
files src/sys/net/pf_table.c log diff annotate
message move PFR_TFLAG_CONST test, missed in rev 1.138
prompted by uninitialised var found by bluhm@ running regress on sparc64
ok sashan@

date 2021-11-22T13:47:10Z
author bluhm
files src/sys/netinet/ip_input.c log diff annotate
src/sys/netinet6/ip6_forward.c log diff annotate
message Copy code from ip_forward() to ip6_forward() to fix Path MTU discovery
in IPsec IPv6 tunnel. Implement sending ICMP6 packet too big
messages. Also implement the pf error case in ip6_forward(). While
there, do some cleanup and make the IPv4 and IPv6 code look similar.
OK tobhe@

date 2021-11-22T14:00:52Z
author jsg
files src/sys/dev/pci/if_igc.c log diff annotate
message avoid uninitialised variable use in igc(4)

read icr reg before testing bit in result
add missing block in rxeof from ix

ok kevlo@ patrick@

date 2021-11-22T14:57:17Z
author visa
files src/sys/kern/sys_futex.c log diff annotate
message Let futex_wait() run without kernel lock

The KERNEL_LOCK() is no longer necessary with rwsleep() and PCATCH
because the sleep machinery now does the locking internally.

OK mpi@

date 2021-11-22T14:59:03Z
author visa
files src/sys/kern/sys_generic.c log diff annotate
message Translate POLLNVAL in ppollcollect()

This makes the kqueue-based poll(2) behave more similarly to the old
code when a monitored file descriptor is closed by another thread.

OK mpi@

date 2021-11-22T17:15:05Z
author visa
files src/sys/kern/sys_generic.c log diff annotate
message Revert poll(2) back to the original implementation

The translation to and from kqueue still has major shortcomings.

Discussed with deraadt@

date 2021-11-22T19:22:59Z
author kettenis
files src/sys/arch/arm64/arm64/cpu.c log diff annotate
src/sys/arch/arm64/include/cpu.h log diff annotate
message Hack alert! Apple M1 systems still don't work with an MP kernel.
In order to make progress (and protect myself from things dumping cores
left and right when I run sysupgrade) abuse the hw.smt mechanism to
only schedule processes on the primary CPU.

ok deraadt@, patrick@

date 2021-11-22T20:19:23Z
author kettenis
files src/sys/dev/i2c/pcf8523.c log diff annotate
src/sys/dev/i2c/pcf8563.c log diff annotate
message Remove unused header files and make some cosmetic changes.

ok patrick@

date 2021-11-22T20:20:20Z
author kettenis
files src/sys/dev/i2c/files.i2c log diff annotate
src/sys/dev/i2c/pcf85063.c log diff annotate
message Add pcyrtc(4), a driver for the NXP PCF85063A/TP RTC chips.

ok patrick@

date 2021-11-22T20:25:50Z
author kettenis
files src/sys/arch/arm64/conf/GENERIC log diff annotate
src/sys/arch/arm64/conf/RAMDISK log diff annotate
message Enable iicmux(4) and pcyrtc(4).

date 2021-11-22T22:12:37Z
author jcs
files src/sys/dev/usb/ubcmtp.c log diff annotate
message use ISC license for ubcmtp

date 2021-11-23T00:17:59Z
author jsg
files src/sys/dev/ic/tea5757.c log diff annotate
src/sys/dev/pci/fmsradio.c log diff annotate
message avoid clang -Wsometimes-uninitialized warnings in fms(4)
feedback and ok millert@

date 2021-11-23T01:03:35Z
author deraadt
files src/sys/arch/arm64/arm64/cpu.c log diff annotate
message limit a variable to the scope inside #ifdef where it is used

date 2021-11-23T01:44:44Z
author kevlo
files src/sys/dev/pci/if_rge.c log diff annotate
message Fix mbuf leaks after reception error in rge_rxeof().

Being that rge(4) is derived from re(4) it looks like it has the same
issues as fixed in re(4) rev 1.211.

From Brad
ok gnezdo@

date 2021-11-23T19:13:45Z
author kn
files src/sys/net/if_pppoe.c log diff annotate
message Use system uptime not UTC time to calculate PPPoE session duration

Systems without RTC are likely to boot with wrong time, but pppoe(4) used
microtime(9) anyway to remember when a new session began.

(In)adequately, ifconfig(8) used gettimeofday(2) and calculated the
difference between two absoloute dates to infer the PPPoE session duration.

This goes off the rails if the wall clock jumps in between, e.g. due to NTP
kicking in.

Use getmicrouptime(9) and clock_gettime(2)/CLOCK_BOOTTIME instead to rely
on the monotonically increasing system uptime instead to fix this.

Reported and tested by Peter J. Philipp <pjp AT delphinusdns DOT org> on
some octeon box without RTC.
I've seen this on a Edgerouter 4 as well (2m uptime, 19d session).

OK claudio