Re: fix ldapd unveil

2021-12-14 Thread Theo de Raadt
I agree. Jonathan Matthew wrote: > ldapd currently can't reopen its database files, because it always passes > O_CREAT to open() when reopening (see ldapd_open_request()), which means it > needs the unveil 'c' flag. This may have been missed when ldapd was unveiled > because 'ldapctl compact' w

fix ldapd unveil

2021-12-14 Thread Jonathan Matthew
ldapd currently can't reopen its database files, because it always passes O_CREAT to open() when reopening (see ldapd_open_request()), which means it needs the unveil 'c' flag. This may have been missed when ldapd was unveiled because 'ldapctl compact' was broken (see other diff). ok? Index: ld

fix ldapctl compact and index operations

2021-12-14 Thread Jonathan Matthew
r1.5 of ldapctl.c accidentally inverted the conditionals meant to skip compacting or indexing namespaces with referrals. ok? Index: ldapctl.c === RCS file: /cvs/src/usr.sbin/ldapctl/ldapctl.c,v retrieving revision 1.15 diff -u -p -u

OpenBSD Errata: December 14, 2021 (X11server)

2021-12-14 Thread Alexander Bluhm
Errata patches for X11 server have been released for OpenBSD 6.9 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata69.html https://www.openbsd.or

ipsec race in tdb spd cleanup

2021-12-14 Thread Alexander Bluhm
Hi, I have found a small race in tdb_delete() between TDBF_DELETED, tdb_unlink() and tdb_cleanspd(). gettdb...() could return a TDB before tdb_unlink(). Then ipsp_spd_lookup() could add it to tdb_policy_head after tdb_cleanspd(). There it would stay until it hits the kassert in tdb_free(). I h

Re: syskaller igmp leavegroup

2021-12-14 Thread Vitaliy Makkoveev
ok mvs@ > On 14 Dec 2021, at 16:49, Alexander Bluhm wrote: > > Hi, > > syzkaller found a NULL dereference: > > https://syzkaller.appspot.com/bug?id=a7f159c677ec125fe9edef2265e2749f13e24243 > > It looks like inm->inm_rti is NULL. It is set in rti_fill() or not > set if malloc(9) fails. There

Re: uniq(1): don't skip() lines more than once

2021-12-14 Thread Todd C . Miller
On Tue, 14 Dec 2021 11:25:34 -0600, Scott Cheloha wrote: > In uniq(1), calling skip() to skip fields and/or characters on each > input line is extremely expensive. One way to reduce the cost is to > only do it once for a given line, instead of doing it repeatedly for > the most recent unique line

uniq(1): don't skip() lines more than once

2021-12-14 Thread Scott Cheloha
In uniq(1), calling skip() to skip fields and/or characters on each input line is extremely expensive. One way to reduce the cost is to only do it once for a given line, instead of doing it repeatedly for the most recent unique line. The performance improvement for this trivial change is enormous

Re: Event filter adjustments for ttys

2021-12-14 Thread Visa Hankala
On Sat, Dec 11, 2021 at 01:47:41PM +, Visa Hankala wrote: > This adds EVFILT_EXCEPT handler for ttys to let kqueue-based poll(2) > detect POLLHUP when pollfd.event == 0. > > filt_ttywrite(), and also filt_ptcwrite(), appear to lack HUP detection. > Has this been intentional? > > The poll(2) e

Re: ipsec ipo tdb mutex

2021-12-14 Thread Vitaliy Makkoveev
ok mvs@ > On 11 Dec 2021, at 22:03, Alexander Bluhm wrote: > > On Sat, Dec 11, 2021 at 12:53:35AM +0100, Alexander Bluhm wrote: >> To cache lookups, the policy ipo is linked to its SA tdb. There >> is a list of SAs that belong to a policy. To make it MP safe we >> need a mutex around these poi

syskaller igmp leavegroup

2021-12-14 Thread Alexander Bluhm
Hi, syzkaller found a NULL dereference: https://syzkaller.appspot.com/bug?id=a7f159c677ec125fe9edef2265e2749f13e24243 It looks like inm->inm_rti is NULL. It is set in rti_fill() or not set if malloc(9) fails. There is no rollback if malloc fails so the field stays uninitialized. The code is c

Re: com(4) at acpi(4) on amd64

2021-12-14 Thread Patrick Wildt
On Mon, Dec 13, 2021 at 11:15:00PM +0100, Mark Kettenis wrote: > > Date: Fri, 10 Dec 2021 07:56:44 +0100 > > From: Anton Lindqvist > > > > On Tue, Dec 07, 2021 at 01:08:45PM +0100, Mark Kettenis wrote: > > > > Date: Tue, 7 Dec 2021 11:30:48 +0100 > > > > From: Anton Lindqvist > > > > > > > > On

Re: Fix ipsp_spd_lookup() for transport mode

2021-12-14 Thread YASUOKA Masahiko
Hi, On Tue, 14 Dec 2021 01:20:49 +0100 Alexander Bluhm wrote: > I don't know much about l2tp, pipex or npppd. So I cannot say if > the new logic is correct. But I guess you have tested that. Yes, I've tested some L2TP/IPsec cases already. > The tdb mutex and ref counting looks correct. > >>