IABSD.fr/src/lib

Branch :


Log

Author Commit Date CI Message
2b753c9d 2020-08-29 02:29:01 define OPENSSL_NO_SSL_TRACE in opensslfeatures.h ok jsing@ tb@
ce9a4ac3 2020-08-23 21:38:47 amd64: TSC timecounter: prefix RDTSC with LFENCE Regarding RDTSC, the Intel ISA reference says (Vol 2B. 4-545): > The RDTSC instruction is not a serializing instruction. > > It does not necessarily wait until all previous instructions > have been executed before reading the counter. > > Similarly, subsequent instructions may begin execution before the > read operation is performed. > > If software requires RDTSC to be executed only after all previous > instructions have completed locally, it can either use RDTSCP (if > the processor supports that instruction) or execute the sequence > LFENCE;RDTSC. To mitigate this problem, Linux and DragonFly use LFENCE. FreeBSD and NetBSD take a more complex route: they selectively use MFENCE, LFENCE, or CPUID depending on whether the CPU is AMD, Intel, VIA or something else. Let's start with just LFENCE. We only use the TSC as a timecounter on SSE2 systems so there is no need to conditionally compile the LFENCE. We can explore conditionally using MFENCE later. Microbenchmarking on my machine (Core i7-8650) suggests a penalty of about 7-10% over a "naked" RDTSC. This is acceptable. It's a bit of a moot point though: the alternative is a considerably weaker monotonicity guarantee when comparing timestamps between threads, which is not acceptable. It's worth noting that kernel timecounting is not *exactly* like userspace timecounting. However, they are similar enough that we can use userspace benchmarks to make conjectures about possible impacts on kernel performance. Concerns about kernel performance, in particular the network stack, were the blocking issue for this patch. Regarding networking performance, claudio@ says a 10% slower nanotime(9) or nanouptime(9) is acceptable and that shaving off "tens of cycles" is a micro-optimization. There are bigger optimizations to chase down before such a difference would matter. There is additional work to be done here. We could experiment with conditionally using MFENCE. Also, the userspace TSC timecounter doesn't have access to the adjustment skews available to the kernel timecounter. pirofti@ has suggested a scheme involving RDTSCP and an array of skews mapped into user memory. deraadt@ has suggested a scheme where the skew would be kept in the TCB. However it is done, access to the skews will improve monotonicity, which remains a problem with the TSC. First proposed by kettenis@ and pirofti@. With input from pirofti@, deraadt@, guenther@, naddy@, kettenis@, and claudio@. Based on similar changes in Linux, FreeBSD, NetBSD, and DragonFlyBSD. ok deraadt@ pirofti@ kettenis@ naddy@ claudio@
774a2b88 2020-08-23 10:31:27 check errno against EINTR; not return value from poll() spotted by Pedro Martelletto
8b51a2b1 2020-08-23 03:34:57 update to libfido2 46710ac06, picking up a few API changes ok tb@ deraadt@ NB. major crank
d35e2a8f 2020-08-17 16:17:39 Fix append mode so it always writes to the end and expand regress. OK deraadt@ martijn@
ac593df8 2020-08-14 12:00:33 Fix handling of "w+" mode, we were only truncating for "w". OK martijn@ mpi@
97119481 2020-08-13 01:00:03 select.2: Xr directly to timersub(3) now that it has a dedicated manpage Reported by Fabian Raetz <fabian.raetz@gmail.com>.
267063ed 2020-08-11 19:25:40 Send an unexpected message alert if no valid content type is found. When record protection is engaged, the plaintext must be followed by a non-zero content type and optional zero padding. If the plaintext is zero length or only consists of zero bytes then it is not a valid message, since the content type is unspecified. ok tb@
ec46fd71 2020-08-11 19:21:54 Increment the epoch in the same place for both read and write. ok inoguchi@ tb@
b7c5dcbc 2020-08-11 19:13:35 Use 0 instead of 0x00 for memset() calls. ok inoguchi@ tb@
8d080487 2020-08-11 18:40:24 Use SSL3_SEQUENCE_SIZE for last_write_sequence[] rather than hardcoding. ok inoguchi@ tb@
65abc581 2020-08-11 18:39:40 In SSL_new() just 'goto err' on allocation failure. The error path does the same as the currently duplicated code. ok inoguchi@ tb@
739189a3 2020-08-11 08:44:53 sync with upstream libfido2 rev 2fa20b889, picking up ~7 months of fixes and a few new APIs that we'd like to use in OpenSSH ok deraadt@
f2119caf 2020-08-10 21:14:10 Tedu compiler-rt 8.0.1.
21f43879 2020-08-10 21:09:39 Un-hook and re-hook libcompiler_rt. ok kettenis@
7e41bb6d 2020-08-10 18:54:45 Avoid passing -1 to freezero. If a peer sends a bogus record consisting of all-zero plaintext, the content_len would be decremented to -1 and cause a crash in freezero. ok inoguchi jsing
821d9f84 2020-08-09 16:54:16 Fix some wrapping/indent.
c9dc3245 2020-08-09 16:25:54 Add P-521 to the list of curves supported by default in the client. A certain VPN provider appears to have configured their servers to only accept P-521 for TLSv1.3 key exchange. The particular VPN software in use also does not currently allow for the TLSv1.3 key share groups to be configured, which means that there is no way to easily use LibreSSL in this situation. Include P-521 in the list of curves that are supported by default in the client, in order to increase interoperability. Discussed at length with beck@, inoguchi@ and tb@. ok tb@
d6d3cb6f 2020-08-09 16:02:58 Use CBB more correctly when writing SSL3/DTLS records. Previously we used CBB to build the record headers, but not the entire record. Use CBB_init_fixed() upfront, then build the record header and add space for the record content. However, in order to do this we need to determine the length of the record upfront. This simplifies the code, removes a number of manual bounds checks and makes way for further improvements. ok inoguchi@ tb@
fab8befd 2020-08-09 15:46:28 Make the explicit IV length handling in DTLS the same as SSL3/TLS. ok inoguchi@ tb@
f85d15bd 2020-08-06 22:17:49 delete another word to improve the wording; suggested by jmc@
9409ab67 2020-08-06 15:40:29 Explain the purpose of CMAC_resume(3) in more detail. Triggered by jmc@ apparently misunderstanding the intention of the text and fixing a grammatical error in a way that wasn't ideal, so i guess he wouldn't have been the only one to find the previous version hard to understand. OK jmc@
8480570e 2020-08-04 14:34:54 Cleanup aead_ctx ok jsing@ tb@
53c2c62e 2020-08-04 09:32:05 We have `pipexinq' and `pipexoutq' mbuf(9) queues to store pipex(4) related mbufs. Each mbuf(9) passed to these queues stores the pointer to corresponding pipex(4) session referenced as `m_pkthdr.ph_cookie'. When session was destroyed its reference can still be in these queues so we have use after free issue while pipexintr() dereference it. I removed `pipexinq', `pipexoutq' and pipexintr(). This not only allows us to avoid issue described above, but also removes unnecessary context switch in packet processing. Also it makes code simpler. ok mpi@ yasuoka@
821a9d0c 2020-08-03 19:46:55 Only parse a client's status_request in the CH A client should only send a status_request as part of the CH. Pointed out by Michael Forney ok inoguchi jsing
f3962f87 2020-08-03 19:43:16 Ensure clients only send a status_request in the CH The current code might cause a client to send a status_request containing a CertificateStatusRequest with its certificate. This makes no sense. Pointed out by Michael Forney ok inoguchi jsing
e8274887 2020-08-03 19:27:57 Correctly handle server requests for an OCSP response According to RFC 8446, 4.4.2.1, a server may request that a client present an OCSP response with its certificate by sending an empty status_request extension as part of the certificate request. The current code expects a full CertificateStatus structure, which is only sent if the server sends an OCSP response with its certificate. This causes interoperability issues with Go's TLS server and with newer GnuTLS where we would abort the handshake with a decode_error alert and length mismatch error. Issue reported and diagnosed by Michael Forney Problem also found by Mikolaj Kucharski and inoguchi. ok inoguchi jsing
fbbe0fe0 2020-08-03 15:27:47 Bump libc++ and libc++abi majors due to floating point type changes with LLVM 10. found by kettenis@ ok deraadt@
6b2850a6 2020-08-03 03:47:12 crank the major cos grammar.c has grown. pointed out by tb@, who also provided the diff. maybe someone should/could add a Symbols.list here? ok tb@ deraadt@
2cba36b5 2020-08-03 03:40:02 add "sample NUM" so you can ask to capture 1/NUM packets from a filter. the use of the sample keyword matches similar config in other products. NUM can be a number between 2 and 1048576, and is used to divide 0x100000000 into a threshold that is then compared against a randomly generated number produced by a load of BPF_RND. having sampling as part of the grammar means you can write things like "icmp or sample 128". this lets you capture all icmp traffic and a sample of the rest of the traffic. ok jmatthew@ kn@ tb@
a8e9f808 2020-08-03 03:29:58 add support for handling loads from BPF_RND. this adds "rnd" and "random" as keywords in the grammar, and handles them as an arithmetic operator. the decoder recognises the load, so tcpdump can print it as 'ld #random'. most of the handling is copied from the "len"/"length" keywoard handling that generates and decodes a load of the actual wire length of the packet. ok jmatthew@ tb@ kn@
d3425be1 2020-08-03 02:34:31 sync to upstream libcbor v0.7.0; some minor fixes, but a note major crank due to ABI change.
278b6199 2020-08-02 18:35:48 Squelch warning by using idiom from libc bcrypt(3) Clang 10 warns about the expression sizeof(cdata) / sizeof(uint64_t) as cdata is an array of uint32_t and it expects that the intent of this is to compute the number of array elements. Use BCRYPT_WORDS / 2 instead. Same diff as millert's commit sys/lib/libsa/bcrypt_pbkdf.c -r1.2, which was ok kettenis. deraadt confirms that this satisfies clang 10.
0171e270 2020-08-02 07:33:15 Check the return value of tls1_enc() in the write path. The write path can return a failure in the AEAD path and there is no reason not to check a return value. Spotted by tb@ during another review. ok tb@
54356378 2020-08-01 16:50:16 Clean up/simplify more of the dtls1/ssl3 record writing code: - Make the DTLS code much more consistent with the ssl3 code. - Avoid assigning wr->input and wr->length just so they can be used as arguments to memcpy(). - Remove the arc4random_buf() call for the explicit IV, since tls1_enc() already does this for us. ok tb@
724b49ef 2020-08-01 16:38:17 Pull record version selection code up and pass it as an argument to ssl3_create_record(). ok tb@
5ea94325 2020-07-30 16:57:53 Have ssl_init_wbio_buffer() push the buffering BIO rather than doing it ourselves. Spotted by tb@ during a previous review.
18691bb1 2020-07-30 16:53:01 Clean up and simplify some of the SSL3/DTLS1 record writing code. This will allow for further changes to be made with less complexity and easier review. In particular, decide if we need an empty fragment early on and only do the alignment calculation once (rather than in two separate parts of the function. ok tb@ inoguchi@
08d6ed5e 2020-07-30 16:23:17 Add minimal info callback support for TLSv1.3 As abieber@ found the hard way, some python frameworks (twisted, synapse) thought it a great idea to use the info callback mechanism (designed to get state information about SSL objects) to modify state information such as setting and verifying the SNI. The switch of TLS_method() to default to TLSv1.3 broke these contraptions. Further bits of the info callback mechanism will likely metastasize throughout the TLSv1.3 stack if we need them, so we only do what's really necessary now. Lots of debugging, crucial hint and testing by abieber input & ok jsing
d6d9140f 2020-07-27 07:10:36 Fix two cases where we shpould compare/store 64-bit values instead of 32-bit values. ok gkoehler@, drahn@
ccee21b1 2020-07-27 05:08:57 Fix powerpc64's sbrk() Initialize __curbrk = &_end. It's a 64-bit pointer, so use ld/std instead of lwz/stw. ok drahn@
409840fe 2020-07-26 13:27:23 Reference unveil(2) in system accounting and daily.8. Reminder that unveil does not kill from brynet and gsoares. Wording tweaks from jmc; feedback from deraadt. ok jmc@, millert@, solene@, "fine with me" deraadt@
11848c02 2020-07-25 17:44:30 Handle SSL_MODE_AUTO_RETRY being changed during a TLSv1.3 session. Both Perl's HTTP::Tiny and IO::Socket::SSL know about SSL_MODE_AUTO_RETRY and try to work around the fact that OpenSSL enabled it by default. However, this can lead to the mode being disabled prior to the TLSv1.3 handshake and then enabled after the handshake has completed. In order to handle this correctly we have to check the mode and inform the record layer prior to every read. Issue reported and test case provided by Nathanael Rensen <nathanael@polymorpheus.com>. ok inoguchi@ tb@
03a6d8ed 2020-07-25 11:53:37 remove half a dozen "goto" statements and a label that change nothing whatsoever, except making the code harder to read; OK tb@
11f343f8 2020-07-24 16:38:47 tweak previous;
7e22e691 2020-07-23 17:34:53 document PEM_X509_INFO_read(3) and PEM_X509_INFO_read_bio(3) OK tb@
dd0c637a 2020-07-23 17:15:35 Fix a bug in PEM_X509_INFO_read_bio(3) that is very likely to cause use-after-free and double-free issues in calling programs. The bug was introduced in SSLeay-0.6.0 released on June 21, 1996 and has been present since OpenBSD 2.4. I found the bug while documenting the function. The bug could bite in two ways that looked quite different from the perspective of the calling code: * If a stack was passed in that already contained some X509_INFO objects and an error occurred, all the objects passed in would be freed, but without removing the freed pointers from the stack, so the calling code would probable continue to access the freed pointers and eventually free them a second time. * If the input BIO contained at least two valid PEM objects followed by at least one PEM object causing an error, at least one freed pointer would be put onto the stack, even though the function would return NULL rather than the stack. But the calling code would still have a pointer to the stack, so it would be likely to access the new bogus pointers sooner or later. Fix all this by remembering the size of the input stack on entry and cutting it back to exactly that size when exiting due to an error, but no further. While here, do some related cleanup: * Garbage collect the automatic variables "error" and "i" which were only used at one single place each. * Use NULL rather than 0 for pointers. I like bugfixes that make the code four lines shorter, reduce the number of variables by one, reduce the number of brace-blocks by one, reduce the number if if-statements by one, and reduce the number of else-clauses by one. Tweaks and OK tb@.
0918526a 2020-07-21 22:44:55 DLT_LOOP does have a link header, so tell pcap-filter so it can use it. matthieu@ reported that asking tcpdump to look at ip or ip6 traffic on a wg(4) interface caused all packets to be captured. this is because pcap assumes that if your link type doesn't have a link header then it is always ip or ip6 (which is weird anyway) and captures everything. there was already code to generate a filter for the DLT_LOOP link header, it was just bypassed cos earlier code said that there wasn't one. debugged with and ok kn@
757e7193 2020-07-18 08:37:43 Userland timecounter implementation for octeon OK naddy@; no objections from kettenis@
76cc9b95 2020-07-18 05:01:14 Raw device access is not anymore a fall-back for when sndiod isn't running Found by Jan Stary <hans at stare.cz>, discussed with jmc@
8e8a48ab 2020-07-17 20:15:43 Userland timecounter for macppc Tested by cwen@ and myself. Thanks to pirofti@ for creating the userland timecounter feature. ok kettenis@ pirofti@ deraadt@ cheloha@
f7ff4436 2020-07-17 16:40:26 "wroute" allows changes to the routing table; ok deraadt
4f4cd96d 2020-07-17 16:23:23 route and wroute were undocumented; ok florian
a37af58c 2020-07-16 20:08:12 Remove obsolete LOCALE_HOME code we have never used (and never will). Upstream removed it in 2004. From Jan Stary.
22966de3 2020-07-16 17:47:09 allow setenv LIBC_NOUSERTC to disable userland timekeeping, for ktrace. ok deraadt pirofti
c4e156dd 2020-07-15 22:58:33 Userland timecounter implementation for arm64. ok naddy@
30342cdf 2020-07-14 18:55:59 Dedup the use legacy stack code. ok inoguchi@ tb@
a759cde3 2020-07-14 18:47:50 Revert the TLSv1.3 version switching fix/hack. This is no longer necessary since the TLS_method() now supports TLSv1.3. Reverts r1.211 of ssl_lib.c. ok beck@ inoguchi@ tb@
874055c7 2020-07-14 16:48:13 Fix TIB/TCB on powerpc64. Some bright sould decided that the TCB should be 8 bytes in the 64-bit ABI just like in the 32-bit ABI. But that means there is no "spare" word in the TCB that we can use to store a pointer to our struct pthread. So we have to treat powerpc64 special. Also recognize that the thread pointer points 0x7000 bytes after the TCB. Since the TCB is 8 bytes this means that TCB_OFFSET should be 0x7008. Pointed out by guenther@; ok deraadt@
2f959527 2020-07-11 16:24:37 Add usertc.c.
42ac4c7b 2020-07-11 16:21:29 Add missing usertc.c file.
fc72f1bd 2020-07-10 17:04:18 adjust %n description to vaguely say "pointer", becuase the following list of "[size]n" includes "n" on it's own, thereby the "int" case is described correctly. ok schwarze
84fb3e49 2020-07-10 14:43:18 As suggested by deraadt@, rewrite most of the printf(3) manual page to properly show the (differing) syntaxes of all the conversion specifications, and reduce the amount of forward references from the list of modifiers to the list of specifiers. While here, properly explain %lc and %ls. Also correct RETURN VALUES, which incorrectly talked about counting characters while actually bytes are counted. Using feedback from millert@, deraadt@, tb@, and Martin Vahlensieck. OK deraadt@, millert@, and tb@ on intermediate versions of this diff and no objections from jmc@.
2a049e6c 2020-07-09 22:13:29 The fegetexceptflag() function should not have a DEF_STD. Brings arm64 in line with all the other architectures. ok millert@
69657d9a 2020-07-09 02:17:07 adjfreq(2): limit adjustment to [-500000, +500000] ppm When we recompute the scaling factor during tc_windup() there is an opportunity for arithmetic overflow if the active timecounter's adjfreq(2) adjustment is too large. If we limit the adjustment to [-500000, +500000] ppm the statement in question cannot overflow. In particular, we are concerned with the following bit of code: scale = (u_int64_t)1 << 63; scale += \ ((th->th_adjustment + th->th_counter->tc_freq_adj) / 1024) * 2199; scale /= th->th_counter->tc_frequency; th->th_scale = scale * 2; where scale is an int64_t. Overflow when we do: scale += (...) / 1024 * 2199; as th->th_counter->tc_freq_adj is currently unbounded. th->th_adjustment is limited to [-5000ppm, 5000ppm]. To see that overflow is prevented with the new bounds, consider the new edge case where th->th_counter->tc_freq_adj is 500000ppm and th->th_adjustment is 5000ppm. Both are of type int64_t. We have: int64_t th_adjustment = (5000 * 1000) << 32; /* 21474836480000000 */ int64_t tc_freq_adj = 500000000LL << 32; /* 2147483648000000000 */ scale = (u_int64_t)1 << 63; /* 9223372036854775808 */ scale += (th_adjustment + tc_freq_adj) / 1024 * 2199; /* scale += 2168958484480000000 / 1024 * 2199; */ /* scale += 4657753620480000000; */ 9223372036854775808 + 4657753620480000000 = 13881125657334775808, which less than 18446744073709551616, so we don't have overflow. On the opposite end, if th->th_counter->tc_freq_adj is -500000ppm and th->th_adjustment is -5000ppm we would have -4657753620480000000. 9223372036854775808 - 4657753620480000000 = 4565618416374775808. Again, no overflow. 500000ppm and -500000ppm are extreme adjustments. otto@ says ntpd(8) would never arrive at them naturally, so we are not at risk of breaking a working setup by imposing these restrictions. Documentation input from kettenis@. No complaints from otto@.
de43b1a9 2020-07-08 09:20:28 Userland timecounter implementation for sparc64. ok deraadt@, pirofti@
c8437fb9 2020-07-08 09:17:48 Clean up the amd64 userland timecounter implementation a bit: * We don't need TC_LAST * Make internal functions static to avoid namespace pollution in libc.a * Use a switch statement to harmonize with architectures providing multiple timecounters ok deraadt@, pirofti@
25aa477e 2020-07-07 19:31:11 Remove some unnecessary function pointers from SSL_METHOD_INTERNAL. ssl_version is completely unused and get_timeout is the same everywhere. ok beck@ inoguchi@ tb@
94149d15 2020-07-07 19:24:23 Enable TLSv1.3 for the generic TLS_method(). This can be done now that we have both TLSv1.3 client and server. ok beck@ inoguchi@ tb@
e571446a 2020-07-06 17:24:59 Minor tweaks in the description of %g: 1. Clarify that %G uses %F, not %f; noticed by millert@. 2. Mention that %g originally meant "general notation", see: https://minnie.tuhs.org/cgi-bin/utree.pl?file=V7/usr/src/libc/stdio/doprnt.s Triggered by a somewhat different patch from Ian <ropers at gmail dot com>. Feedback and OK millert@ and jmc@.
d82e6535 2020-07-06 13:33:05 Add support for timeconting in userland. This diff exposes parts of clock_gettime(2) and gettimeofday(2) to userland via libc eliberating processes from the need for a context switch everytime they want to count the passage of time. If a timecounter clock can be exposed to userland than it needs to set its tc_user member to a non-zero value. Tested with one or multiple counters per architecture. The timing data is shared through a pointer found in the new ELF auxiliary vector AUX_openbsd_timekeep containing timehands information that is frequently updated by the kernel. Timing differences between the last kernel update and the current time are adjusted in userland by the tc_get_timecount() function inside the MD usertc.c file. This permits a much more responsive environment, quite visible in browsers, office programs and gaming (apparently one is are able to fly in Minecraft now). Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others! OK from at least kettenis@, cheloha@, naddy@, sthen@
accddc9b 2020-07-03 07:17:26 zap trailing whitespace on one line
c54b8396 2020-07-03 04:51:59 Make the message type available to the extension functions Some TLS extensions need to be treated differently depending on the handshake message they appear in. Over time, various workarounds and hacks were used to deal with the unavailability of the message type in these functions, but this is getting fragile and unwieldy. Having the message type available will enable us to clean this code up and will allow simple fixes for a number of bugs in our handling of the status_request extension reported by Michael Forney. This approach was suggested a while ago by jsing. ok beck jsing
9b8a142f 2020-07-03 04:12:50 Improve argument order for the internal tlsext API Move is_server and msg_type right after the SSL object so that CBS and CBB and alert come last. This brings these functions more in line with other internal functions and separates state from data. requested by jsing
b1b45171 2020-07-02 08:59:45 Use a relative branch to jump from setjmp(3) into _setjmp(4). Use correct register to reference the location where we store CR.
f0038c0c 2020-06-30 11:12:07 Add missing comparison instruction. Load %r12 with the indirect branch address to load the correct TOC address.
29ce189c 2020-06-29 15:32:44 Disable assembly code for powerpc64; more work is needed to make it work.
50857149 2020-06-29 15:30:58 Use C versions of bcopy(3) and memmove(3) for now as the assembly version of bcopy(9) doesn't work in its current state. ok deraadt@
d37bd831 2020-06-28 11:53:20 Use std instead of stw to store CR since we use std in sigsetjmp(3) and we use ld to load it again in longjmp(3).
558cf89c 2020-06-28 09:46:58 Add stub implementation; derived from kvm_sh.c which has our preferred copyright license.
fd50b86c 2020-06-28 09:45:12 Fix grammar in comment.
f1bf7a74 2020-06-28 08:22:57 Add powerpc64 support.
c931458e 2020-06-28 08:19:34 Add powerpc64 fenv bits; copied from powerpc. From drahn@
23ce8031 2020-06-28 07:50:57 Switch back to bn_mul_mont_int since the bn_mul_mont_fpu64 code isn't hooked up and the lack of a bn_mul_mont_int implementation results in undefined references.
2b1283e1 2020-06-28 07:31:05 Add dummy getWCookie() implementation for powerpc64. From drahn@
0d572986 2020-06-28 07:15:30 The 2nd and 3rd argument are pointers, so use the appropriate doubleword instructions. ok drahn@
803610b3 2020-06-28 05:39:30 Use .Dv for SIOCTL_SEL, as we do for all other macros
4f3fcc39 2020-06-28 05:21:38 Allow switching between alternate devices (-F option) with sndioctl(1)
49f67e12 2020-06-28 05:17:25 Add a new SIOCTL_SEL control type to select one of a predefined set of mutually exclusive values. It's the same as SIOCTL_LIST except that exactly one list element may be selected.
7bccb200 2020-06-27 18:35:07 Prevent the use of jump tables on powerpc64 as well. ok patrick@, drahn@
8e16d6cc 2020-06-27 14:18:42 Add missing label.
08b16776 2020-06-26 20:16:21 Provide an optimized implementation of ffs(3) in libc on aarch64/powerpc/powerpc64, making use of the count leading zeros instruction. Also add a brief regression test. ok deraadt@ kettenis@
6becf282 2020-06-26 19:57:02 Fix powerpc64 pie binraries, in register renumbering one line was missed.
bfccc37d 2020-06-26 17:58:45 Fix TCB_OFFSET_ERRNO. Adjust comments to reflect that powerpc64 uses %r13 as the per-thread register. ok patrick@, drahn@
43b3e2c9 2020-06-26 10:31:44 Avoid "bare" register numbers.
5fe86291 2020-06-26 00:39:59 Accidentally doubled these files on first commit. Correcting.
602083f5 2020-06-25 12:20:17 Add missing kvm_dump(3) and kvm_getfiles(3) under SEE ALSO for completeness
2c901073 2020-06-25 07:35:05 Switch the order of the two tests in tls13_client_hello_required_extensions to match the order they are listed in the RFC. No functional change.
f809d9d9 2020-06-25 04:29:08 Intial attempt at powerpc64 libcrypto pieces. just commit this kettenis@
8bf96a7f 2020-06-25 04:11:59 disable altivec and vsx as it causes issues in qemu testing. This probably should be backed out after fully debugged, vector instructions caused problems with debug configuration.