From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 00:54:11 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id DC518573B6B;
 Mon, 22 Mar 2021 00:54:11 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F3bc35v0Tz4fx0;
 Mon, 22 Mar 2021 00:54:11 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BD25324563;
 Mon, 22 Mar 2021 00:54:11 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12M0sBmk019097;
 Mon, 22 Mar 2021 00:54:11 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12M0sBaL019096;
 Mon, 22 Mar 2021 00:54:11 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 00:54:11 GMT
Message-Id: <202103220054.12M0sBaL019096@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: 0cb06bcc54d9 - stable/13 - Include ccompile.h after opt_global.h.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0cb06bcc54d9c05b72886b5729cf0593c2d703c5
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 00:54:11 -0000

The branch stable/13 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=0cb06bcc54d9c05b72886b5729cf0593c2d703c5

commit 0cb06bcc54d9c05b72886b5729cf0593c2d703c5
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2021-03-15 17:48:50 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2021-03-22 00:54:06 +0000

    Include ccompile.h after opt_global.h.
    
    This restores INVARIANTS enabling ZFS_DEBUG when built as module.
    
    Discussed with: freqlabs
    MFC after:      1 week
    
    (cherry picked from commit 8ea35c45d5206ad57945ba160484f04450c88b75)
---
 sys/modules/zfs/Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/modules/zfs/Makefile b/sys/modules/zfs/Makefile
index 0fab9f552314..983f0aa0e994 100644
--- a/sys/modules/zfs/Makefile
+++ b/sys/modules/zfs/Makefile
@@ -22,8 +22,6 @@ CFLAGS+= -I${INCDIR}/os/freebsd
 CFLAGS+= -I${INCDIR}/os/freebsd/spl
 CFLAGS+= -I${INCDIR}/os/freebsd/zfs
 CFLAGS+= -I${SRCDIR}/zstd/include
-CFLAGS+= -include ${INCDIR}/os/freebsd/spl/sys/ccompile.h
-CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/static_ccompile.h
 CFLAGS+= -I${.CURDIR}
 
 CFLAGS+= -D__KERNEL__ -DFREEBSD_NAMECACHE -DBUILDING_ZFS \
@@ -284,6 +282,8 @@ SRCS+=	zfs_zstd.c \
 .include <bsd.kmod.mk>
 
 CFLAGS+= -include ${SRCTOP}/sys/cddl/compat/opensolaris/sys/debug_compat.h
+CFLAGS+= -include ${INCDIR}/os/freebsd/spl/sys/ccompile.h
+CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/static_ccompile.h
 
 CWARNFLAGS+=	${OPENZFS_CWARNFLAGS}
 

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 13:52:12 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id DBF7B5AF727;
 Mon, 22 Mar 2021 13:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F3wsm5ygTz3h0h;
 Mon, 22 Mar 2021 13:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BFB9A6D3A;
 Mon, 22 Mar 2021 13:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MDqCns013043;
 Mon, 22 Mar 2021 13:52:12 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MDqC2a013042;
 Mon, 22 Mar 2021 13:52:12 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 13:52:12 GMT
Message-Id: <202103221352.12MDqC2a013042@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Leandro Lupori <luporl@FreeBSD.org>
Subject: git: 3aa6cc000f74 - stable/13 - ofwfb: fix boot on LE
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: luporl
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3aa6cc000f7472079a5174944e70f3bd412e6c37
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 13:52:12 -0000

The branch stable/13 has been updated by luporl:

URL: https://cgit.FreeBSD.org/src/commit/?id=3aa6cc000f7472079a5174944e70f3bd412e6c37

commit 3aa6cc000f7472079a5174944e70f3bd412e6c37
Author:     Leandro Lupori <luporl@FreeBSD.org>
AuthorDate: 2021-03-09 15:11:58 +0000
Commit:     Leandro Lupori <luporl@FreeBSD.org>
CommitDate: 2021-03-22 13:48:46 +0000

    ofwfb: fix boot on LE
    
    Some framebuffer properties obtained from the device tree were not being
    properly converted to host endian.
    Replace OF_getprop calls by OF_getencprop where needed to fix this.
    
    This fixes boot on PowerPC64 LE, when using ofwfb as the system console.
    
    Reviewed by:    bdragon
    Sponsored by:   Eldorado Research Institute (eldorado.org.br)
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D27475
    
    (cherry picked from commit 043577b721ec4e5c2ab7571e6c05cfd54e49473c)
---
 sys/dev/vt/hw/ofwfb/ofwfb.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/sys/dev/vt/hw/ofwfb/ofwfb.c b/sys/dev/vt/hw/ofwfb/ofwfb.c
index 8a1b7b3688a7..9dc674c0ebf9 100644
--- a/sys/dev/vt/hw/ofwfb/ofwfb.c
+++ b/sys/dev/vt/hw/ofwfb/ofwfb.c
@@ -108,7 +108,7 @@ ofwfb_probe(struct vt_device *vd)
 		return (CN_DEAD);
 
 	node = -1;
-	if (OF_getprop(chosen, "stdout", &stdout, sizeof(stdout)) ==
+	if (OF_getencprop(chosen, "stdout", &stdout, sizeof(stdout)) ==
 	    sizeof(stdout))
 		node = OF_instance_to_package(stdout);
 	if (node == -1)
@@ -386,7 +386,7 @@ ofwfb_init(struct vt_device *vd)
 	char buf[64];
 	phandle_t chosen;
 	phandle_t node;
-	uint32_t depth, height, width, stride;
+	pcell_t depth, height, width, stride;
 	uint32_t vendor_id = 0;
 	cell_t adr[2];
 	uint64_t user_phys;
@@ -399,7 +399,7 @@ ofwfb_init(struct vt_device *vd)
 
 	node = -1;
 	chosen = OF_finddevice("/chosen");
-	if (OF_getprop(chosen, "stdout", &sc->sc_handle,
+	if (OF_getencprop(chosen, "stdout", &sc->sc_handle,
 	    sizeof(ihandle_t)) == sizeof(ihandle_t))
 		node = OF_instance_to_package(sc->sc_handle);
 	if (node == -1)
@@ -448,14 +448,14 @@ ofwfb_init(struct vt_device *vd)
 		return (CN_DEAD);
 
 	/* Only support 8 and 32-bit framebuffers */
-	OF_getprop(node, "depth", &depth, sizeof(depth));
+	OF_getencprop(node, "depth", &depth, sizeof(depth));
 	if (depth != 8 && depth != 32)
 		return (CN_DEAD);
 	sc->fb.fb_bpp = sc->fb.fb_depth = depth;
 
-	OF_getprop(node, "height", &height, sizeof(height));
-	OF_getprop(node, "width", &width, sizeof(width));
-	if (OF_getprop(node, "linebytes", &stride, sizeof(stride)) !=
+	OF_getencprop(node, "height", &height, sizeof(height));
+	OF_getencprop(node, "width", &width, sizeof(width));
+	if (OF_getencprop(node, "linebytes", &stride, sizeof(stride)) !=
 	    sizeof(stride))
 		stride = width*depth/8;
 
@@ -537,11 +537,11 @@ ofwfb_init(struct vt_device *vd)
 		 * may be the child of the PCI device: in that case, try the
 		 * parent for the assigned-addresses property.
 		 */
-		len = OF_getprop(node, "assigned-addresses", pciaddrs,
-		    sizeof(pciaddrs));
+		len = OF_getencprop(node, "assigned-addresses",
+		    (pcell_t *)pciaddrs, sizeof(pciaddrs));
 		if (len == -1) {
-			len = OF_getprop(OF_parent(node), "assigned-addresses",
-			    pciaddrs, sizeof(pciaddrs));
+			len = OF_getencprop(OF_parent(node), "assigned-addresses",
+			    (pcell_t *)pciaddrs, sizeof(pciaddrs));
 		}
 		if (len == -1)
 			len = 0;

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 16:00:41 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C20A85B370F;
 Mon, 22 Mar 2021 16:00:41 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F3zk15B2zz3sYl;
 Mon, 22 Mar 2021 16:00:41 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A535910C8B;
 Mon, 22 Mar 2021 16:00:41 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MG0fl6092806;
 Mon, 22 Mar 2021 16:00:41 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MG0fNv092805;
 Mon, 22 Mar 2021 16:00:41 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 16:00:41 GMT
Message-Id: <202103221600.12MG0fNv092805@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 46f44865e3c9 - stable/13 - iflib: Make if_shared_ctx_t a pointer
 to const
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 46f44865e3c9bbfa4097a37fa8d33aa2e5adc729
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 16:00:41 -0000

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=46f44865e3c9bbfa4097a37fa8d33aa2e5adc729

commit 46f44865e3c9bbfa4097a37fa8d33aa2e5adc729
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-08 17:39:06 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-22 15:42:18 +0000

    iflib: Make if_shared_ctx_t a pointer to const
    
    This structure is shared among multiple instances of a driver, so we
    should ensure that it doesn't somehow get treated as if there's a
    separate instance per interface.  This is especially important for
    software-only drivers like wg.
    
    DEVICE_REGISTER() still returns a void * and so the per-driver sctx
    structures are not yet defined with the const qualifier.
    
    Reviewed by:    gallatin, erj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D29102
    
    (cherry picked from commit ffe3def903a5f239c319e5fe12450659658974a5)
---
 sys/dev/bnxt/if_bnxt.c   | 4 +---
 sys/dev/e1000/if_em.c    | 8 ++------
 sys/dev/e1000/igb_txrx.c | 2 --
 sys/dev/ixgbe/if_ix.c    | 4 +---
 sys/dev/ixgbe/if_ixv.c   | 4 +---
 sys/dev/ixgbe/ix_txrx.c  | 2 --
 sys/dev/ixl/if_iavf.c    | 4 +---
 sys/dev/ixl/if_ixl.c     | 4 +---
 sys/net/iflib.h          | 2 +-
 9 files changed, 8 insertions(+), 26 deletions(-)

diff --git a/sys/dev/bnxt/if_bnxt.c b/sys/dev/bnxt/if_bnxt.c
index 7811f4fdebf0..9990e26263b3 100644
--- a/sys/dev/bnxt/if_bnxt.c
+++ b/sys/dev/bnxt/if_bnxt.c
@@ -327,8 +327,6 @@ static struct if_shared_ctx bnxt_sctx_init = {
 	.isc_driver_version = bnxt_driver_version,
 };
 
-if_shared_ctx_t bnxt_sctx = &bnxt_sctx_init;
-
 /*
  * Device Methods
  */
@@ -336,7 +334,7 @@ if_shared_ctx_t bnxt_sctx = &bnxt_sctx_init;
 static void *
 bnxt_register(device_t dev)
 {
-	return bnxt_sctx;
+	return (&bnxt_sctx_init);
 }
 
 /*
diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c
index 11d11e7bf790..abc78952a560 100644
--- a/sys/dev/e1000/if_em.c
+++ b/sys/dev/e1000/if_em.c
@@ -554,8 +554,6 @@ static struct if_shared_ctx em_sctx_init = {
 	.isc_ntxd_default = {EM_DEFAULT_TXD},
 };
 
-if_shared_ctx_t em_sctx = &em_sctx_init;
-
 static struct if_shared_ctx igb_sctx_init = {
 	.isc_magic = IFLIB_MAGIC,
 	.isc_q_align = PAGE_SIZE,
@@ -583,8 +581,6 @@ static struct if_shared_ctx igb_sctx_init = {
 	.isc_ntxd_default = {EM_DEFAULT_TXD},
 };
 
-if_shared_ctx_t igb_sctx = &igb_sctx_init;
-
 /*****************************************************************
  *
  * Dump Registers
@@ -707,13 +703,13 @@ static int em_get_regs(SYSCTL_HANDLER_ARGS)
 static void *
 em_register(device_t dev)
 {
-	return (em_sctx);
+	return (&em_sctx_init);
 }
 
 static void *
 igb_register(device_t dev)
 {
-	return (igb_sctx);
+	return (&igb_sctx_init);
 }
 
 static int
diff --git a/sys/dev/e1000/igb_txrx.c b/sys/dev/e1000/igb_txrx.c
index 6c41d440c769..9f1921bf0c7e 100644
--- a/sys/dev/e1000/igb_txrx.c
+++ b/sys/dev/e1000/igb_txrx.c
@@ -72,8 +72,6 @@ struct if_txrx igb_txrx = {
 	.ift_legacy_intr = em_intr
 };
 
-extern if_shared_ctx_t em_sctx;
-
 /**********************************************************************
  *
  *  Setup work for hardware segmentation offload (TSO) on
diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c
index 9f3674cdab5d..6e65f6bae55a 100644
--- a/sys/dev/ixgbe/if_ix.c
+++ b/sys/dev/ixgbe/if_ix.c
@@ -392,8 +392,6 @@ static struct if_shared_ctx ixgbe_sctx_init = {
 	.isc_ntxd_default = {DEFAULT_TXD},
 };
 
-if_shared_ctx_t ixgbe_sctx = &ixgbe_sctx_init;
-
 /************************************************************************
  * ixgbe_if_tx_queues_alloc
  ************************************************************************/
@@ -855,7 +853,7 @@ ixgbe_initialize_transmit_units(if_ctx_t ctx)
 static void *
 ixgbe_register(device_t dev)
 {
-	return (ixgbe_sctx);
+	return (&ixgbe_sctx_init);
 } /* ixgbe_register */
 
 /************************************************************************
diff --git a/sys/dev/ixgbe/if_ixv.c b/sys/dev/ixgbe/if_ixv.c
index 6bd92d262558..ee139430d42b 100644
--- a/sys/dev/ixgbe/if_ixv.c
+++ b/sys/dev/ixgbe/if_ixv.c
@@ -233,12 +233,10 @@ static struct if_shared_ctx ixv_sctx_init = {
 	.isc_ntxd_default = {DEFAULT_TXD},
 };
 
-if_shared_ctx_t ixv_sctx = &ixv_sctx_init;
-
 static void *
 ixv_register(device_t dev)
 {
-	return (ixv_sctx);
+	return (&ixv_sctx_init);
 }
 
 /************************************************************************
diff --git a/sys/dev/ixgbe/ix_txrx.c b/sys/dev/ixgbe/ix_txrx.c
index 43e64b0c0df0..9d31e0b1b43e 100644
--- a/sys/dev/ixgbe/ix_txrx.c
+++ b/sys/dev/ixgbe/ix_txrx.c
@@ -72,8 +72,6 @@ struct if_txrx ixgbe_txrx  = {
 	.ift_legacy_intr = NULL
 };
 
-extern if_shared_ctx_t ixgbe_sctx;
-
 /************************************************************************
  * ixgbe_tx_ctx_setup
  *
diff --git a/sys/dev/ixl/if_iavf.c b/sys/dev/ixl/if_iavf.c
index 394656d27a2f..f6eb91c2a855 100644
--- a/sys/dev/ixl/if_iavf.c
+++ b/sys/dev/ixl/if_iavf.c
@@ -272,13 +272,11 @@ static struct if_shared_ctx iavf_sctx_init = {
 	.isc_ntxd_default = {IXL_DEFAULT_RING},
 };
 
-if_shared_ctx_t iavf_sctx = &iavf_sctx_init;
-
 /*** Functions ***/
 static void *
 iavf_register(device_t dev)
 {
-	return (iavf_sctx);
+	return (&iavf_sctx_init);
 }
 
 static int
diff --git a/sys/dev/ixl/if_ixl.c b/sys/dev/ixl/if_ixl.c
index a79648de274f..c700af889cf1 100644
--- a/sys/dev/ixl/if_ixl.c
+++ b/sys/dev/ixl/if_ixl.c
@@ -351,13 +351,11 @@ static struct if_shared_ctx ixl_sctx_init = {
 	.isc_ntxd_default = {IXL_DEFAULT_RING},
 };
 
-if_shared_ctx_t ixl_sctx = &ixl_sctx_init;
-
 /*** Functions ***/
 static void *
 ixl_register(device_t dev)
 {
-	return (ixl_sctx);
+	return (&ixl_sctx_init);
 }
 
 static int
diff --git a/sys/net/iflib.h b/sys/net/iflib.h
index a30740e67b6e..fcf96215d398 100644
--- a/sys/net/iflib.h
+++ b/sys/net/iflib.h
@@ -49,7 +49,7 @@ typedef uint16_t qidx_t;
 struct iflib_ctx;
 typedef struct iflib_ctx *if_ctx_t;
 struct if_shared_ctx;
-typedef struct if_shared_ctx *if_shared_ctx_t;
+typedef const struct if_shared_ctx *if_shared_ctx_t;
 struct if_int_delay_info;
 typedef struct if_int_delay_info  *if_int_delay_info_t;
 struct if_pseudo;

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 16:18:56 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 883F05B3E08;
 Mon, 22 Mar 2021 16:18:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F40743WDpz3tT6;
 Mon, 22 Mar 2021 16:18:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6700810E9F;
 Mon, 22 Mar 2021 16:18:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MGIuao012500;
 Mon, 22 Mar 2021 16:18:56 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MGIuIL012499;
 Mon, 22 Mar 2021 16:18:56 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 16:18:56 GMT
Message-Id: <202103221618.12MGIuIL012499@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mitchell Horne <mhorne@FreeBSD.org>
Subject: git: b3598ed444ee - stable/13 - armv8crypto: note derivation in
 armv8_crypto_wrap.c
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mhorne
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: b3598ed444ee1e1ab4f494cdc94b09bc09612445
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 16:18:56 -0000

The branch stable/13 has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=b3598ed444ee1e1ab4f494cdc94b09bc09612445

commit b3598ed444ee1e1ab4f494cdc94b09bc09612445
Author:     Mitchell Horne <mhorne@FreeBSD.org>
AuthorDate: 2021-03-15 13:46:03 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2021-03-22 16:14:51 +0000

    armv8crypto: note derivation in armv8_crypto_wrap.c
    
    This file inherits some boilerplate and structure from the analogous
    file in aesni(4), aesni_wrap.c. Note the derivation and the copyright
    holders of that file.
    
    For example, the AES-XTS bits added in 4979620ece984 were ported from
    aesni(4).
    
    Requested by:   jmg
    Reviewed by:    imp, gnn
    
    (cherry picked from commit da45b462664148ff6f8adbe59847c6c06f295391)
---
 sys/crypto/armv8/armv8_crypto_wrap.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/sys/crypto/armv8/armv8_crypto_wrap.c b/sys/crypto/armv8/armv8_crypto_wrap.c
index eb4a431d33e9..3c0223964ee4 100644
--- a/sys/crypto/armv8/armv8_crypto_wrap.c
+++ b/sys/crypto/armv8/armv8_crypto_wrap.c
@@ -26,6 +26,13 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
+ * This file is derived from aesni_wrap.c:
+ * Copyright (C) 2008 Damien Miller <djm@mindrot.org>
+ * Copyright (c) 2010 Konstantin Belousov <kib@FreeBSD.org>
+ * Copyright (c) 2010-2011 Pawel Jakub Dawidek <pawel@dawidek.net>
+ * Copyright 2012-2013 John-Mark Gurney <jmg@FreeBSD.org>
+ * Copyright (c) 2014 The FreeBSD Foundation
  */
 
 /*

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 21:48:07 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 059755BB6C9;
 Mon, 22 Mar 2021 21:48:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F47Qt6XZrz4nT2;
 Mon, 22 Mar 2021 21:48:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D34991541F;
 Mon, 22 Mar 2021 21:48:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MLm6um074554;
 Mon, 22 Mar 2021 21:48:06 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MLm6Wl074553;
 Mon, 22 Mar 2021 21:48:06 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 21:48:06 GMT
Message-Id: <202103222148.12MLm6Wl074553@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ryan Moeller <freqlabs@FreeBSD.org>
Subject: git: b304cd9789ca - stable/12 - Drop EFI_STAGING_SIZE back down to 64M
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: freqlabs
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: b304cd9789ca7ff3df629af42a976450e8660a11
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 21:48:07 -0000

The branch stable/12 has been updated by freqlabs:

URL: https://cgit.FreeBSD.org/src/commit/?id=b304cd9789ca7ff3df629af42a976450e8660a11

commit b304cd9789ca7ff3df629af42a976450e8660a11
Author:     Warner Losh <imp@FreeBSD.org>
AuthorDate: 2020-12-17 17:02:09 +0000
Commit:     Ryan Moeller <freqlabs@FreeBSD.org>
CommitDate: 2021-03-22 20:30:23 +0000

    Drop EFI_STAGING_SIZE back down to 64M
    
    vmware can't cope with anything larger than 64MB. Drop this back to
    64MB everywhere but arm.
    
    PR: 251866
    MFC After: 1 week
    
    (cherry picked from commit 4d6047edb675e52b8fad57135ab3ded8e66d0dac)
---
 stand/efi/loader/copy.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/stand/efi/loader/copy.c b/stand/efi/loader/copy.c
index 6499a44b9bbe..6ad673d62897 100644
--- a/stand/efi/loader/copy.c
+++ b/stand/efi/loader/copy.c
@@ -176,9 +176,7 @@ out:
 #endif /* __i386__ || __amd64__ */
 
 #ifndef EFI_STAGING_SIZE
-#if defined(__amd64__)
-#define	EFI_STAGING_SIZE	100
-#elif defined(__arm__)
+#if defined(__arm__)
 #define	EFI_STAGING_SIZE	32
 #else
 #define	EFI_STAGING_SIZE	64

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 22:08:28 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C1C9D5BBE45
 for <dev-commits-src-branches@mailman.nyi.freebsd.org>;
 Mon, 22 Mar 2021 22:08:28 +0000 (UTC)
 (envelope-from sobomax@sippysoft.com)
Received: from mail-ed1-f46.google.com (mail-ed1-f46.google.com
 [209.85.208.46])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F47tN50gbz4pcd
 for <dev-commits-src-branches@freebsd.org>;
 Mon, 22 Mar 2021 22:08:28 +0000 (UTC)
 (envelope-from sobomax@sippysoft.com)
Received: by mail-ed1-f46.google.com with SMTP id dm8so21261797edb.2
 for <dev-commits-src-branches@freebsd.org>;
 Mon, 22 Mar 2021 15:08:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=Gck2RxCOxD/cT4uzEpoa7zKSHw2ZgYnpyIZbZFy+Sug=;
 b=Xlz55GmmM3CA2RDK7zQ8KEuVxwJF1Hf5vQhDyvPyC086pwaTQTL8gFG1l7URf5NhDn
 K8pocD5hlQ8fVsWuRCjr+y2y2LevcOHnUjdT399s1Aj/u0O2g2GccP1abq1IF8RcbeGC
 SNEJIlKGCYUr0WQHuB4on0GjX1CF/wnXWBIrYAnGjaKTonDg4jikbwR4koACOjWhYEM2
 yfm7qfondjR0dhC8Krb5ZQtcnuL0Ogr9K8kjpblyqW50fMuczGkiYawBKoXipgx0LcKP
 SnaXy2nObjbjjJsLIEJvx39GpV08c6W+rx08QspddjATFdBvrrBFCUsk1aH4z6/ETaCo
 5wfA==
X-Gm-Message-State: AOAM532wA9PW5Gd+bX4qn6TM2aZgekPcnUjTSkF8qsN0UxpKW0LShxxQ
 U6QWt7mBYVhxzTRsm9Y7y/6v3PG0XXeGnVmCUJLvSA==
X-Google-Smtp-Source: ABdhPJzs/vHMGDHYXx8Dq3tAIqOsrRxPodouhfLHdiAPUT6I76yQ8AqnmDKmA8iT41Sh8vrg2N/pVlUDkxqU8GejTaY=
X-Received: by 2002:aa7:cc94:: with SMTP id p20mr1689022edt.353.1616450907245; 
 Mon, 22 Mar 2021 15:08:27 -0700 (PDT)
MIME-Version: 1.0
References: <202103222148.12MLm6Wl074553@gitrepo.freebsd.org>
In-Reply-To: <202103222148.12MLm6Wl074553@gitrepo.freebsd.org>
From: Maxim Sobolev <sobomax@freebsd.org>
Date: Mon, 22 Mar 2021 15:08:16 -0700
Message-ID: <CAH7qZfs5-Df86_rE0cwdaSfbSDcZCBF3-BPN0OkE1SxAPcBP+A@mail.gmail.com>
Subject: Re: git: b304cd9789ca - stable/12 - Drop EFI_STAGING_SIZE back down
 to 64M
To: Ryan Moeller <freqlabs@freebsd.org>
Cc: src-committers <src-committers@freebsd.org>,
 dev-commits-src-all@freebsd.org, dev-commits-src-branches@freebsd.org
X-Rspamd-Queue-Id: 4F47tN50gbz4pcd
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.34
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 22:08:28 -0000

Hmm, that's really annoying, reminiscent of the old DOS days, where you
might have few megs of memory, but won't be able to use it due to some
bios/motherboard quirk. :-/

Can we at least have some specific section for VMWare to teak that in? We
already have the HYPER-V section in that file, so it's not unheard of. At
the very least other virtual machines (i.e. VirtualBox in the EFI mode or
majority "real" EFI servers) do not have this restriction.

Thanks!

-Max

On Mon, Mar 22, 2021 at 2:48 PM Ryan Moeller <freqlabs@freebsd.org> wrote:

> The branch stable/12 has been updated by freqlabs:
>
> URL:
> https://cgit.FreeBSD.org/src/commit/?id=b304cd9789ca7ff3df629af42a976450e8660a11
>
> commit b304cd9789ca7ff3df629af42a976450e8660a11
> Author:     Warner Losh <imp@FreeBSD.org>
> AuthorDate: 2020-12-17 17:02:09 +0000
> Commit:     Ryan Moeller <freqlabs@FreeBSD.org>
> CommitDate: 2021-03-22 20:30:23 +0000
>
>     Drop EFI_STAGING_SIZE back down to 64M
>
>     vmware can't cope with anything larger than 64MB. Drop this back to
>     64MB everywhere but arm.
>
>     PR: 251866
>     MFC After: 1 week
>
>     (cherry picked from commit 4d6047edb675e52b8fad57135ab3ded8e66d0dac)
> ---
>  stand/efi/loader/copy.c | 4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/stand/efi/loader/copy.c b/stand/efi/loader/copy.c
> index 6499a44b9bbe..6ad673d62897 100644
> --- a/stand/efi/loader/copy.c
> +++ b/stand/efi/loader/copy.c
> @@ -176,9 +176,7 @@ out:
>  #endif /* __i386__ || __amd64__ */
>
>  #ifndef EFI_STAGING_SIZE
> -#if defined(__amd64__)
> -#define        EFI_STAGING_SIZE        100
> -#elif defined(__arm__)
> +#if defined(__arm__)
>  #define        EFI_STAGING_SIZE        32
>  #else
>  #define        EFI_STAGING_SIZE        64
>
>

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 22:51:53 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id F199F5BD416;
 Mon, 22 Mar 2021 22:51:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F48rT6Rj8z4sL9;
 Mon, 22 Mar 2021 22:51:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C56C315E62;
 Mon, 22 Mar 2021 22:51:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MMprHE071490;
 Mon, 22 Mar 2021 22:51:53 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MMpr8l071489;
 Mon, 22 Mar 2021 22:51:53 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 22:51:53 GMT
Message-Id: <202103222251.12MMpr8l071489@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 444aff36738a - stable/13 - cam: Permit non-pollable sims.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 444aff36738a98235306aa002d3dfe74cc475765
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 22:51:54 -0000

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=444aff36738a98235306aa002d3dfe74cc475765

commit 444aff36738a98235306aa002d3dfe74cc475765
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-02-11 21:49:43 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-03-22 20:36:09 +0000

    cam: Permit non-pollable sims.
    
    Some CAM sim drivers do not support polling (notably iscsi(4)).
    Rather than using a no-op poll routine that always times out requests,
    permit a SIM to set a NULL poll callback.  cam_periph_runccb() will
    fail polled requests non-pollable sims immediately as if they had
    timed out.
    
    Sponsored by:   Chelsio
    
    (cherry picked from commit 447b3557a9cc5f00a301be8404339f21a9a0faa8)
    (cherry picked from commit e6405c8c37335a42a187a9d2470025b57347b1b5)
---
 sys/cam/cam_periph.c | 6 +++++-
 sys/cam/cam_sim.h    | 6 ++++++
 sys/cam/cam_xpt.c    | 5 +++++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/sys/cam/cam_periph.c b/sys/cam/cam_periph.c
index 92f7c33cbc75..98b9264f1069 100644
--- a/sys/cam/cam_periph.c
+++ b/sys/cam/cam_periph.c
@@ -54,6 +54,7 @@ __FBSDID("$FreeBSD$");
 #include <cam/cam_ccb.h>
 #include <cam/cam_queue.h>
 #include <cam/cam_xpt_periph.h>
+#include <cam/cam_xpt_internal.h>
 #include <cam/cam_periph.h>
 #include <cam/cam_debug.h>
 #include <cam/cam_sim.h>
@@ -1247,7 +1248,10 @@ cam_periph_runccb(union ccb *ccb,
 	 * in the do loop below.
 	 */
 	if (must_poll) {
-		timeout = xpt_poll_setup(ccb);
+		if (cam_sim_pollable(ccb->ccb_h.path->bus->sim))
+			timeout = xpt_poll_setup(ccb);
+		else
+			timeout = 0;
 	}
 
 	if (timeout == 0) {
diff --git a/sys/cam/cam_sim.h b/sys/cam/cam_sim.h
index 589d2bd1f16d..a1595a51fadb 100644
--- a/sys/cam/cam_sim.h
+++ b/sys/cam/cam_sim.h
@@ -142,5 +142,11 @@ cam_sim_bus(const struct cam_sim *sim)
 	return (sim->bus_id);
 }
 
+static __inline bool
+cam_sim_pollable(const struct cam_sim *sim)
+{
+	return (sim->sim_poll != NULL);
+}
+
 #endif /* _KERNEL */
 #endif /* _CAM_CAM_SIM_H */
diff --git a/sys/cam/cam_xpt.c b/sys/cam/cam_xpt.c
index d71b8ef81240..9cfee80a6049 100644
--- a/sys/cam/cam_xpt.c
+++ b/sys/cam/cam_xpt.c
@@ -3181,6 +3181,7 @@ xpt_sim_poll(struct cam_sim *sim)
 {
 	struct mtx *mtx;
 
+	KASSERT(cam_sim_pollable(sim), ("%s: non-pollable sim", __func__));
 	mtx = sim->mtx;
 	if (mtx)
 		mtx_lock(mtx);
@@ -3203,6 +3204,8 @@ xpt_poll_setup(union ccb *start_ccb)
 	devq = sim->devq;
 	dev = start_ccb->ccb_h.path->device;
 
+	KASSERT(cam_sim_pollable(sim), ("%s: non-pollable sim", __func__));
+
 	/*
 	 * Steal an opening so that no other queued requests
 	 * can get it before us while we simulate interrupts.
@@ -3226,6 +3229,8 @@ void
 xpt_pollwait(union ccb *start_ccb, uint32_t timeout)
 {
 
+	KASSERT(cam_sim_pollable(start_ccb->ccb_h.path->bus->sim),
+	    ("%s: non-pollable sim", __func__));
 	while (--timeout > 0) {
 		xpt_sim_poll(start_ccb->ccb_h.path->bus->sim);
 		if ((start_ccb->ccb_h.status & CAM_STATUS_MASK)

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 22:51:55 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 192A25BCED1;
 Mon, 22 Mar 2021 22:51:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F48rW00sgz4rkd;
 Mon, 22 Mar 2021 22:51:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DDDC215E64;
 Mon, 22 Mar 2021 22:51:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MMpsSp071512;
 Mon, 22 Mar 2021 22:51:54 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MMpsAu071511;
 Mon, 22 Mar 2021 22:51:54 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 22:51:54 GMT
Message-Id: <202103222251.12MMpsAu071511@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 9df8f5a9c684 - stable/13 - cam: Don't permit crashdumps on
 non-pollable devices.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 9df8f5a9c684358e1cf713cb85aa72416d92af48
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 22:51:55 -0000

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=9df8f5a9c684358e1cf713cb85aa72416d92af48

commit 9df8f5a9c684358e1cf713cb85aa72416d92af48
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-02-11 21:51:01 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-03-22 20:37:38 +0000

    cam: Don't permit crashdumps on non-pollable devices.
    
    If a disk's SIM doesn't support polling, then it can't be used to
    store crashdumps.  Leave d_dump NULL in that case so that dumpon(8)
    fails gracefully rather than having dumps fail at crash time.
    
    Sponsored by:   Chelsio
    
    (cherry picked from commit e07ac3f2fd7336e04178d116033989a6c099fec4)
---
 sys/cam/ata/ata_da.c   | 3 ++-
 sys/cam/nvme/nvme_da.c | 3 ++-
 sys/cam/scsi/scsi_da.c | 5 +++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/sys/cam/ata/ata_da.c b/sys/cam/ata/ata_da.c
index a34df577174c..38d996510f98 100644
--- a/sys/cam/ata/ata_da.c
+++ b/sys/cam/ata/ata_da.c
@@ -1880,7 +1880,8 @@ adaregister(struct cam_periph *periph, void *arg)
 	softc->disk->d_close = adaclose;
 	softc->disk->d_strategy = adastrategy;
 	softc->disk->d_getattr = adagetattr;
-	softc->disk->d_dump = adadump;
+	if (cam_sim_pollable(periph->sim))
+		softc->disk->d_dump = adadump;
 	softc->disk->d_gone = adadiskgonecb;
 	softc->disk->d_name = "ada";
 	softc->disk->d_drv1 = periph;
diff --git a/sys/cam/nvme/nvme_da.c b/sys/cam/nvme/nvme_da.c
index 8e7f7318ce3b..baeaad182f3a 100644
--- a/sys/cam/nvme/nvme_da.c
+++ b/sys/cam/nvme/nvme_da.c
@@ -898,7 +898,8 @@ ndaregister(struct cam_periph *periph, void *arg)
 	disk->d_strategy = ndastrategy;
 	disk->d_ioctl = ndaioctl;
 	disk->d_getattr = ndagetattr;
-	disk->d_dump = ndadump;
+	if (cam_sim_pollable(periph->sim))
+		disk->d_dump = ndadump;
 	disk->d_gone = ndadiskgonecb;
 	disk->d_name = "nda";
 	disk->d_drv1 = periph;
diff --git a/sys/cam/scsi/scsi_da.c b/sys/cam/scsi/scsi_da.c
index 73e5e0c3e14c..c13b51921745 100644
--- a/sys/cam/scsi/scsi_da.c
+++ b/sys/cam/scsi/scsi_da.c
@@ -2849,7 +2849,7 @@ daregister(struct cam_periph *periph, void *arg)
 	TASK_INIT(&softc->sysctl_task, 0, dasysctlinit, periph);
 
 	/*
-	 * Take an exclusive section lock qon the periph while dastart is called
+	 * Take an exclusive section lock on the periph while dastart is called
 	 * to finish the probe.  The lock will be dropped in dadone at the end
 	 * of probe. This locks out daopen and daclose from racing with the
 	 * probe.
@@ -2914,7 +2914,8 @@ daregister(struct cam_periph *periph, void *arg)
 	softc->disk->d_open = daopen;
 	softc->disk->d_close = daclose;
 	softc->disk->d_strategy = dastrategy;
-	softc->disk->d_dump = dadump;
+	if (cam_sim_pollable(periph->sim))
+		softc->disk->d_dump = dadump;
 	softc->disk->d_getattr = dagetattr;
 	softc->disk->d_gone = dadiskgonecb;
 	softc->disk->d_name = "da";

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 22:51:56 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 509825BD41A;
 Mon, 22 Mar 2021 22:51:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F48rX0SNYz4rtT;
 Mon, 22 Mar 2021 22:51:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0005515FD9;
 Mon, 22 Mar 2021 22:51:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MMpt3G071531;
 Mon, 22 Mar 2021 22:51:55 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MMptBX071530;
 Mon, 22 Mar 2021 22:51:55 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 22:51:55 GMT
Message-Id: <202103222251.12MMptBX071530@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 6a1dbc8ba956 - stable/13 - iscsi: Mark iSCSI CAM sims as
 non-pollable.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6a1dbc8ba95653c358afb23126a95d4aec51f48b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 22:51:56 -0000

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=6a1dbc8ba95653c358afb23126a95d4aec51f48b

commit 6a1dbc8ba95653c358afb23126a95d4aec51f48b
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-02-11 21:51:20 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-03-22 20:37:46 +0000

    iscsi: Mark iSCSI CAM sims as non-pollable.
    
    Previously, iscsi_poll() just panicked.  This meant if you got a panic
    on a box when using the iSCSI initiator, the attempt to shutdown would
    trigger a nested panic and never write out a core.  Now, CCB's sent to
    iSCSI devices (such as the sychronize-cache request in dashutdown())
    just fail with a timeout during a panic shutdown.
    
    Sponsored by:   Chelsio
    
    (cherry picked from commit 47769bc5573fc5d2263f9e20cb06f6c12d0a82e7)
---
 sys/dev/iscsi/iscsi.c | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/sys/dev/iscsi/iscsi.c b/sys/dev/iscsi/iscsi.c
index c4123d9f4aa7..4367f780d84b 100644
--- a/sys/dev/iscsi/iscsi.c
+++ b/sys/dev/iscsi/iscsi.c
@@ -171,7 +171,6 @@ static void	iscsi_pdu_handle_reject(struct icl_pdu *response);
 static void	iscsi_session_reconnect(struct iscsi_session *is);
 static void	iscsi_session_terminate(struct iscsi_session *is);
 static void	iscsi_action(struct cam_sim *sim, union ccb *ccb);
-static void	iscsi_poll(struct cam_sim *sim);
 static struct iscsi_outstanding	*iscsi_outstanding_find(struct iscsi_session *is,
 		    uint32_t initiator_task_tag);
 static struct iscsi_outstanding	*iscsi_outstanding_add(struct iscsi_session *is,
@@ -1491,7 +1490,7 @@ iscsi_ioctl_daemon_handoff(struct iscsi_softc *sc,
 			return (ENOMEM);
 		}
 
-		is->is_sim = cam_sim_alloc(iscsi_action, iscsi_poll, "iscsi",
+		is->is_sim = cam_sim_alloc(iscsi_action, NULL, "iscsi",
 		    is, is->is_id /* unit */, &is->is_lock,
 		    1, ic->ic_maxtags, is->is_devq);
 		if (is->is_sim == NULL) {
@@ -2462,13 +2461,6 @@ iscsi_action(struct cam_sim *sim, union ccb *ccb)
 	xpt_done(ccb);
 }
 
-static void
-iscsi_poll(struct cam_sim *sim)
-{
-
-	KASSERT(0, ("%s: you're not supposed to be here", __func__));
-}
-
 static void
 iscsi_terminate_sessions(struct iscsi_softc *sc)
 {

From owner-dev-commits-src-branches@freebsd.org  Mon Mar 22 22:55:29 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id A575D5BD539;
 Mon, 22 Mar 2021 22:55:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F48wd4GfCz4sn9;
 Mon, 22 Mar 2021 22:55:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 80F9B15E70;
 Mon, 22 Mar 2021 22:55:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12MMtTKc072210;
 Mon, 22 Mar 2021 22:55:29 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12MMtTxi072209;
 Mon, 22 Mar 2021 22:55:29 GMT (envelope-from git)
Date: Mon, 22 Mar 2021 22:55:29 GMT
Message-Id: <202103222255.12MMtTxi072209@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 30e25f930445 - stable/13 - nlmrsa: Mark deprecated for 14.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 30e25f930445e1b76d16f3219b627b7b92aa2a42
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2021 22:55:29 -0000

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=30e25f930445e1b76d16f3219b627b7b92aa2a42

commit 30e25f930445e1b76d16f3219b627b7b92aa2a42
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-03-16 21:34:58 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-03-22 22:52:52 +0000

    nlmrsa: Mark deprecated for 14.
    
    This is the only in-tree driver for the asymmetric crypto support in
    OCF that is already marked deprecated for 14.
    
    Sponsored by:   Chelsio Communications
    
    (cherry picked from commit 096a84721670d388e432a1f7399251e4b20714f1)
---
 sys/mips/nlm/dev/sec/nlmrsa.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/mips/nlm/dev/sec/nlmrsa.c b/sys/mips/nlm/dev/sec/nlmrsa.c
index 3252ecbed9c9..42b904d22a64 100644
--- a/sys/mips/nlm/dev/sec/nlmrsa.c
+++ b/sys/mips/nlm/dev/sec/nlmrsa.c
@@ -296,6 +296,7 @@ xlp_rsa_attach(device_t dev)
 	if (xlp_rsa_init(sc, node) != 0)
 		goto error_exit;
 	device_printf(dev, "RSA Initialization complete!\n");
+	gone_in_dev(dev, 14, "Asymmetric crypto");
 	return (0);
 
 error_exit:

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 01:32:31 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8DA90571B71;
 Tue, 23 Mar 2021 01:32:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4DPq3fSDz3Lnw;
 Tue, 23 Mar 2021 01:32:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7057418437;
 Tue, 23 Mar 2021 01:32:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12N1WVMv095220;
 Tue, 23 Mar 2021 01:32:31 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12N1WVUH095219;
 Tue, 23 Mar 2021 01:32:31 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 01:32:31 GMT
Message-Id: <202103230132.12N1WVUH095219@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 7cde0b06f94c - stable/13 - stand: Load INIT_ARRAY and FINI_ARRAY
 sections
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7cde0b06f94cfa06ca7869a040e753e09b7c2ef0
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 01:32:31 -0000

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=7cde0b06f94cfa06ca7869a040e753e09b7c2ef0

commit 7cde0b06f94cfa06ca7869a040e753e09b7c2ef0
Author:     Mark Johnston <markjdb@gmail.com>
AuthorDate: 2021-03-16 19:01:41 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-23 01:32:08 +0000

    stand: Load INIT_ARRAY and FINI_ARRAY sections
    
    This is required for preloading modules into a KASAN-configured kernel.
    
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 7b1b5aad95df671aba3192f1669a8d96da481939)
---
 stand/common/load_elf_obj.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/stand/common/load_elf_obj.c b/stand/common/load_elf_obj.c
index 4bff74764922..78ece02433c6 100644
--- a/stand/common/load_elf_obj.c
+++ b/stand/common/load_elf_obj.c
@@ -264,6 +264,8 @@ __elfN(obj_loadimage)(struct preloaded_file *fp, elf_file_t ef, uint64_t off)
 #if defined(__i386__) || defined(__amd64__)
 		case SHT_X86_64_UNWIND:
 #endif
+		case SHT_INIT_ARRAY:
+		case SHT_FINI_ARRAY:
 			if ((shdr[i].sh_flags & SHF_ALLOC) == 0)
 				break;
 			lastaddr = roundup(lastaddr, shdr[i].sh_addralign);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 10:57:05 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id A604C5AA2F7;
 Tue, 23 Mar 2021 10:57:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4SxF4Hkdz4gJg;
 Tue, 23 Mar 2021 10:57:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 81DF41FC89;
 Tue, 23 Mar 2021 10:57:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NAv5xr080631;
 Tue, 23 Mar 2021 10:57:05 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NAv5xL080630;
 Tue, 23 Mar 2021 10:57:05 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 10:57:05 GMT
Message-Id: <202103231057.12NAv5xL080630@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 7d7ed0223c0a - stable/13 - MFC c743a6bd4fc0: Implement
 mallocarray_domainset(9) variant of mallocarray(9).
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7d7ed0223c0a8a40c242650532e1e70e1f3946fb
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:57:05 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=7d7ed0223c0a8a40c242650532e1e70e1f3946fb

commit 7d7ed0223c0a8a40c242650532e1e70e1f3946fb
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-06 10:25:12 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 10:50:29 +0000

    MFC c743a6bd4fc0:
    Implement mallocarray_domainset(9) variant of mallocarray(9).
    
    Reviewed by:    kib @
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit c743a6bd4fc0d1be30f9bc9996333ac0ba079563)
---
 share/man/man9/Makefile |  1 +
 share/man/man9/malloc.9 | 13 ++++++++++++-
 sys/kern/kern_malloc.c  | 11 +++++++++++
 sys/sys/malloc.h        |  3 +++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 50e760d3e047..edb87de6a35f 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -1390,6 +1390,7 @@ MLINKS+=make_dev.9 destroy_dev.9 \
 MLINKS+=malloc.9 free.9 \
 	malloc.9 malloc_domainset.9 \
 	malloc.9 mallocarray.9 \
+	malloc.9 mallocarray_domainset.9 \
 	malloc.9 MALLOC_DECLARE.9 \
 	malloc.9 MALLOC_DEFINE.9 \
 	malloc.9 realloc.9 \
diff --git a/share/man/man9/malloc.9 b/share/man/man9/malloc.9
index 097688d7ea38..b8c6e504e0c0 100644
--- a/share/man/man9/malloc.9
+++ b/share/man/man9/malloc.9
@@ -29,7 +29,7 @@
 .\" $NetBSD: malloc.9,v 1.3 1996/11/11 00:05:11 lukem Exp $
 .\" $FreeBSD$
 .\"
-.Dd October 30, 2020
+.Dd March 6, 2021
 .Dt MALLOC 9
 .Os
 .Sh NAME
@@ -70,6 +70,8 @@
 .Fn malloc_domainset "size_t size" "struct malloc_type *type" "struct domainset *ds" "int flags"
 .Ft void *
 .Fn malloc_domainset_exec "size_t size" "struct malloc_type *type" "struct domainset *ds" "int flags"
+.Ft void *
+.Fn mallocarray_domainset "size_t nmemb" "size_t size" "struct malloc_type *type" "struct domainset *ds" "int flags"
 .Sh DESCRIPTION
 The
 .Fn malloc
@@ -102,6 +104,15 @@ entries whose size is specified by
 .Fa size .
 .Pp
 The
+.Fn mallocarray_domainset
+variant allocates memory from a specific
+.Xr numa 4
+domain using the specified domain selection policy.
+See
+.Xr domainset 9
+for some example policies.
+.Pp
+The
 .Fn free
 function releases memory at address
 .Fa addr
diff --git a/sys/kern/kern_malloc.c b/sys/kern/kern_malloc.c
index eff9e62c9a10..48383358e3ad 100644
--- a/sys/kern/kern_malloc.c
+++ b/sys/kern/kern_malloc.c
@@ -804,6 +804,17 @@ mallocarray(size_t nmemb, size_t size, struct malloc_type *type, int flags)
 	return (malloc(size * nmemb, type, flags));
 }
 
+void *
+mallocarray_domainset(size_t nmemb, size_t size, struct malloc_type *type,
+    struct domainset *ds, int flags)
+{
+
+	if (WOULD_OVERFLOW(nmemb, size))
+		panic("mallocarray_domainset: %zu * %zu overflowed", nmemb, size);
+
+	return (malloc_domainset(size * nmemb, type, ds, flags));
+}
+
 #ifdef INVARIANTS
 static void
 free_save_type(void *addr, struct malloc_type *mtp, u_long size)
diff --git a/sys/sys/malloc.h b/sys/sys/malloc.h
index a11dd767efc5..52a17b5171bc 100644
--- a/sys/sys/malloc.h
+++ b/sys/sys/malloc.h
@@ -245,6 +245,9 @@ void	*malloc_domainset(size_t size, struct malloc_type *type,
 void	*mallocarray(size_t nmemb, size_t size, struct malloc_type *type,
 	    int flags) __malloc_like __result_use_check
 	    __alloc_size2(1, 2);
+void	*mallocarray_domainset(size_t nmemb, size_t size, struct malloc_type *type,
+	    struct domainset *ds, int flags) __malloc_like __result_use_check
+	    __alloc_size2(1, 2);
 void	*malloc_exec(size_t size, struct malloc_type *type, int flags) __malloc_like
 	    __result_use_check __alloc_size(1);
 void	*malloc_domainset_exec(size_t size, struct malloc_type *type,

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 10:57:08 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4C2415AA69D;
 Tue, 23 Mar 2021 10:57:08 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4SxH6tR4z4gJj;
 Tue, 23 Mar 2021 10:57:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BD68A1FBA2;
 Tue, 23 Mar 2021 10:57:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NAv7xo080672;
 Tue, 23 Mar 2021 10:57:07 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NAv7vK080671;
 Tue, 23 Mar 2021 10:57:07 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 10:57:07 GMT
Message-Id: <202103231057.12NAv7vK080671@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: dd426d67647d - stable/13 - MFC 6eb60f5b7f7d: Use the word
 "LinuxKPI" instead of "Linux compatibility",
 to not confuse with user-space Linux compatibility support. No functional
 change.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: dd426d67647d8c819bf279040a0129af50cbdb66
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:57:09 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=dd426d67647d8c819bf279040a0129af50cbdb66

commit dd426d67647d8c819bf279040a0129af50cbdb66
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 11:21:01 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 10:51:04 +0000

    MFC 6eb60f5b7f7d:
    Use the word "LinuxKPI" instead of "Linux compatibility", to not confuse with
    user-space Linux compatibility support. No functional change.
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit 6eb60f5b7f7df1a59de139260aebfa0aa5f6d79e)
---
 sys/kern/kern_intr.c | 4 ++--
 sys/sys/interrupt.h  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/kern/kern_intr.c b/sys/kern/kern_intr.c
index 0e11af2123e2..41667b57fd4f 100644
--- a/sys/kern/kern_intr.c
+++ b/sys/kern/kern_intr.c
@@ -783,8 +783,8 @@ intr_handler_barrier(struct intr_handler *handler)
  * Sleep until an ithread finishes executing an interrupt handler.
  *
  * XXX Doesn't currently handle interrupt filters or fast interrupt
- * handlers.  This is intended for compatibility with linux drivers
- * only.  Do not use in BSD code.
+ * handlers. This is intended for LinuxKPI drivers only.
+ * Do not use in BSD code.
  */
 void
 _intr_drain(int irq)
diff --git a/sys/sys/interrupt.h b/sys/sys/interrupt.h
index f1770fe64b0b..56952e45fe75 100644
--- a/sys/sys/interrupt.h
+++ b/sys/sys/interrupt.h
@@ -190,7 +190,7 @@ int	intr_event_resume_handler(void *cookie);
 int	intr_getaffinity(int irq, int mode, void *mask);
 void	*intr_handler_source(void *cookie);
 int	intr_setaffinity(int irq, int mode, void *mask);
-void	_intr_drain(int irq);  /* Linux compat only. */
+void	_intr_drain(int irq);  /* LinuxKPI only. */
 int	swi_add(struct intr_event **eventp, const char *name,
 	    driver_intr_t handler, void *arg, int pri, enum intr_type flags,
 	    void **cookiep);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 10:57:06 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D719C5AA5C3;
 Tue, 23 Mar 2021 10:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4SxG5MNpz4g4j;
 Tue, 23 Mar 2021 10:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9C3D11FBA1;
 Tue, 23 Mar 2021 10:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NAv6lB080653;
 Tue, 23 Mar 2021 10:57:06 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NAv66H080652;
 Tue, 23 Mar 2021 10:57:06 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 10:57:06 GMT
Message-Id: <202103231057.12NAv66H080652@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 773811507d44 - stable/13 - MFC ebe5cf355dca: Implement basic
 support for allocating memory from a specific numa node in the LinuxKPI.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 773811507d44226a755f4649b4f0ab367d3c47d4
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:57:06 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=773811507d44226a755f4649b4f0ab367d3c47d4

commit 773811507d44226a755f4649b4f0ab367d3c47d4
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-05 11:44:06 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 10:50:47 +0000

    MFC ebe5cf355dca:
    Implement basic support for allocating memory from a specific numa node
    in the LinuxKPI.
    
    Differential Revision:  https://reviews.freebsd.org/D29077
    Reviewed by:    markj@ and kib@
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit ebe5cf355dca1d7827a70b99a9d9c4f97f78691d)
---
 sys/compat/linuxkpi/common/include/linux/compat.h |  2 +
 sys/compat/linuxkpi/common/include/linux/device.h |  8 ++-
 sys/compat/linuxkpi/common/include/linux/slab.h   | 37 ++++++++++++--
 sys/compat/linuxkpi/common/src/linux_domain.c     | 59 +++++++++++++++++++++++
 sys/conf/files                                    |  2 +
 sys/modules/linuxkpi/Makefile                     |  1 +
 6 files changed, 100 insertions(+), 9 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/compat.h b/sys/compat/linuxkpi/common/include/linux/compat.h
index 03b7dc60b7a1..84b7b47a36dc 100644
--- a/sys/compat/linuxkpi/common/include/linux/compat.h
+++ b/sys/compat/linuxkpi/common/include/linux/compat.h
@@ -35,11 +35,13 @@
 #include <sys/proc.h>
 #include <sys/malloc.h>
 
+struct domainset;
 struct thread;
 struct task_struct;
 
 extern int linux_alloc_current(struct thread *, int flags);
 extern void linux_free_current(struct task_struct *);
+extern struct domainset *linux_get_vm_domain_set(int node);
 
 static inline void
 linux_set_current(struct thread *td)
diff --git a/sys/compat/linuxkpi/common/include/linux/device.h b/sys/compat/linuxkpi/common/include/linux/device.h
index 2ffe70f45c6e..5acaa4142d62 100644
--- a/sys/compat/linuxkpi/common/include/linux/device.h
+++ b/sys/compat/linuxkpi/common/include/linux/device.h
@@ -554,11 +554,9 @@ class_remove_file(struct class *class, const struct class_attribute *attr)
 		sysfs_remove_file(&class->kobj, &attr->attr);
 }
 
-static inline int
-dev_to_node(struct device *dev)
-{
-	return -1;
-}
+#define	dev_to_node(dev) linux_dev_to_node(dev)
+#define	of_node_to_nid(node) -1
+int linux_dev_to_node(struct device *);
 
 char *kvasprintf(gfp_t, const char *, va_list);
 char *kasprintf(gfp_t, const char *, ...);
diff --git a/sys/compat/linuxkpi/common/include/linux/slab.h b/sys/compat/linuxkpi/common/include/linux/slab.h
index 0cd748b7ecb9..9494d458e87c 100644
--- a/sys/compat/linuxkpi/common/include/linux/slab.h
+++ b/sys/compat/linuxkpi/common/include/linux/slab.h
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Isilon Systems, Inc.
  * Copyright (c) 2010 iX Systems, Inc.
  * Copyright (c) 2010 Panasas, Inc.
- * Copyright (c) 2013-2017 Mellanox Technologies, Ltd.
+ * Copyright (c) 2013-2021 Mellanox Technologies, Ltd.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -38,6 +38,7 @@
 #include <sys/proc.h>
 #include <vm/uma.h>
 
+#include <linux/compat.h>
 #include <linux/types.h>
 #include <linux/gfp.h>
 #include <linux/llist.h>
@@ -48,16 +49,15 @@ MALLOC_DECLARE(M_KMALLOC);
 #define	kvzalloc(size, flags)		kmalloc(size, (flags) | __GFP_ZERO)
 #define	kvcalloc(n, size, flags)	kvmalloc_array(n, size, (flags) | __GFP_ZERO)
 #define	kzalloc(size, flags)		kmalloc(size, (flags) | __GFP_ZERO)
-#define	kzalloc_node(size, flags, node)	kmalloc(size, (flags) | __GFP_ZERO)
+#define	kzalloc_node(size, flags, node)	kmalloc_node(size, (flags) | __GFP_ZERO, node)
 #define	kfree_const(ptr)		kfree(ptr)
 #define	vzalloc(size)			__vmalloc(size, GFP_KERNEL | __GFP_NOWARN | __GFP_ZERO, 0)
 #define	vfree(arg)			kfree(arg)
 #define	kvfree(arg)			kfree(arg)
-#define	vmalloc_node(size, node)	__vmalloc(size, GFP_KERNEL, 0)
+#define	vmalloc_node(size, node)	__vmalloc_node(size, GFP_KERNEL, node)
 #define	vmalloc_user(size)		__vmalloc(size, GFP_KERNEL | __GFP_ZERO, 0)
 #define	vmalloc(size)			__vmalloc(size, GFP_KERNEL, 0)
 #define	__kmalloc(...)			kmalloc(__VA_ARGS__)
-#define	kmalloc_node(chunk, flags, n)	kmalloc(chunk, flags)
 
 /*
  * Prefix some functions with linux_ to avoid namespace conflict
@@ -126,6 +126,13 @@ kmalloc(size_t size, gfp_t flags)
 	return (malloc(size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kmalloc_node(size_t size, gfp_t flags, int node)
+{
+	return (malloc_domainset(size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 kcalloc(size_t n, size_t size, gfp_t flags)
 {
@@ -133,12 +140,27 @@ kcalloc(size_t n, size_t size, gfp_t flags)
 	return (mallocarray(n, size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kcalloc_node(size_t n, size_t size, gfp_t flags, int node)
+{
+	flags |= __GFP_ZERO;
+	return (mallocarray_domainset(n, size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 __vmalloc(size_t size, gfp_t flags, int other)
 {
 	return (malloc(size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+__vmalloc_node(size_t size, gfp_t flags, int node)
+{
+	return (malloc_domainset(size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 vmalloc_32(size_t size)
 {
@@ -151,6 +173,13 @@ kmalloc_array(size_t n, size_t size, gfp_t flags)
 	return (mallocarray(n, size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kmalloc_array_node(size_t n, size_t size, gfp_t flags, int node)
+{
+	return (mallocarray_domainset(n, size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 kvmalloc_array(size_t n, size_t size, gfp_t flags)
 {
diff --git a/sys/compat/linuxkpi/common/src/linux_domain.c b/sys/compat/linuxkpi/common/src/linux_domain.c
new file mode 100644
index 000000000000..acbf8821d42b
--- /dev/null
+++ b/sys/compat/linuxkpi/common/src/linux_domain.c
@@ -0,0 +1,59 @@
+/*-
+ * Copyright (c) 2021 NVIDIA Networking
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice unmodified, this list of conditions, and the following
+ *    disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/domainset.h>
+#include <sys/bus.h>
+
+#include <linux/compat.h>
+#include <linux/device.h>
+
+struct domainset *
+linux_get_vm_domain_set(int node)
+{
+	KASSERT(node < MAXMEMDOM, ("Invalid VM domain %d", node));
+
+	if (node < 0)
+		return (DOMAINSET_RR());
+	else
+		return (DOMAINSET_PREF(node));
+}
+
+int
+linux_dev_to_node(struct device *dev)
+{
+	int numa_domain;
+
+	if (dev == NULL || dev->bsddev == NULL ||
+	    bus_get_domain(dev->bsddev, &numa_domain) != 0)
+		return (-1);
+	else
+		return (numa_domain);
+}
diff --git a/sys/conf/files b/sys/conf/files
index 3df5fa812a9e..e68aa2118791 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -4562,6 +4562,8 @@ compat/linuxkpi/common/src/linux_devres.c	optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_dmi.c		optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
+compat/linuxkpi/common/src/linux_domain.c	optional compat_linuxkpi \
+	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_firmware.c	optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_hrtimer.c	optional compat_linuxkpi \
diff --git a/sys/modules/linuxkpi/Makefile b/sys/modules/linuxkpi/Makefile
index 4274d211b10e..81aa607f1302 100644
--- a/sys/modules/linuxkpi/Makefile
+++ b/sys/modules/linuxkpi/Makefile
@@ -6,6 +6,7 @@ SRCS=	linux_compat.c \
 	linux_current.c \
 	linux_devres.c \
 	linux_dmi.c \
+	linux_domain.c \
 	linux_firmware.c \
 	linux_hrtimer.c \
 	linux_idr.c \

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 10:57:10 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 10E235AA5C5;
 Tue, 23 Mar 2021 10:57:10 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4SxK3Chvz4gS9;
 Tue, 23 Mar 2021 10:57:09 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DE4B81FBA3;
 Tue, 23 Mar 2021 10:57:08 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NAv8mV080694;
 Tue, 23 Mar 2021 10:57:08 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NAv8dQ080693;
 Tue, 23 Mar 2021 10:57:08 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 10:57:08 GMT
Message-Id: <202103231057.12NAv8dQ080693@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 093204e2d032 - stable/13 - MFC d1cbe7908986: Allocating the
 LinuxKPI current structure from an interrupt thread must be done using the
 M_NOWAIT flag after 1ae20f7c70ea .
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 093204e2d032d53d9f29d412f6953c9315f0d405
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:57:10 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=093204e2d032d53d9f29d412f6953c9315f0d405

commit 093204e2d032d53d9f29d412f6953c9315f0d405
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 09:50:01 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 10:51:22 +0000

    MFC d1cbe7908986:
    Allocating the LinuxKPI current structure from an interrupt thread must be
    done using the M_NOWAIT flag after 1ae20f7c70ea .
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit d1cbe79089868226625c12ef49f51214d79aa427)
---
 sys/compat/linuxkpi/common/src/linux_compat.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c
index 2ad936311204..707c5e47512e 100644
--- a/sys/compat/linuxkpi/common/src/linux_compat.c
+++ b/sys/compat/linuxkpi/common/src/linux_compat.c
@@ -2384,7 +2384,8 @@ linux_irq_handler(void *ent)
 {
 	struct irq_ent *irqe;
 
-	linux_set_current(curthread);
+	if (linux_set_current_flags(curthread, M_NOWAIT))
+		return;
 
 	irqe = ent;
 	irqe->handler(irqe->irq, irqe->arg);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 10:57:12 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8D8C35AA69F;
 Tue, 23 Mar 2021 10:57:12 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4SxM0K6nz4g51;
 Tue, 23 Mar 2021 10:57:10 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 127DB1FC0E;
 Tue, 23 Mar 2021 10:57:10 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NAv94d080716;
 Tue, 23 Mar 2021 10:57:09 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NAv92N080715;
 Tue, 23 Mar 2021 10:57:09 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 10:57:09 GMT
Message-Id: <202103231057.12NAv92N080715@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 3e4fe9ca73be - stable/13 - MFC dfb33cb0ef48: Allocating the
 LinuxKPI current structure from a software interrupt thread must be done
 using the M_NOWAIT flag after 1ae20f7c70ea .
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3e4fe9ca73be69ecec948b49f9d2ea5379b385b1
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:57:12 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=3e4fe9ca73be69ecec948b49f9d2ea5379b385b1

commit 3e4fe9ca73be69ecec948b49f9d2ea5379b385b1
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 12:26:09 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 10:54:01 +0000

    MFC dfb33cb0ef48:
    Allocating the LinuxKPI current structure from a software interrupt thread
    must be done using the M_NOWAIT flag after 1ae20f7c70ea .
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit dfb33cb0ef48084da84072244e8ca486dfcf3a96)
---
 sys/compat/linuxkpi/common/src/linux_compat.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c
index 707c5e47512e..5f7e2664bee1 100644
--- a/sys/compat/linuxkpi/common/src/linux_compat.c
+++ b/sys/compat/linuxkpi/common/src/linux_compat.c
@@ -1913,9 +1913,15 @@ linux_timer_callback_wrapper(void *context)
 {
 	struct timer_list *timer;
 
-	linux_set_current(curthread);
-
 	timer = context;
+
+	if (linux_set_current_flags(curthread, M_NOWAIT)) {
+		/* try again later */
+		callout_reset(&timer->callout, 1,
+		    &linux_timer_callback_wrapper, timer);
+		return;
+	}
+
 	timer->function(timer->data);
 }
 

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:02:33 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DAA55AA7F2;
 Tue, 23 Mar 2021 11:02:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4T3Y2mX4z4h23;
 Tue, 23 Mar 2021 11:02:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 520B11F9D6;
 Tue, 23 Mar 2021 11:02:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NB2XNj094629;
 Tue, 23 Mar 2021 11:02:33 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NB2XsI094628;
 Tue, 23 Mar 2021 11:02:33 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:02:33 GMT
Message-Id: <202103231102.12NB2XsI094628@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Andriy Gapon <avg@FreeBSD.org>
Subject: git: 395e612b7bb1 - stable/13 - pchtherm: fix a wrong bit and a wrong
 register use
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: avg
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 395e612b7bb1874811f5bcd6136296dd7a76da1b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:02:33 -0000

The branch stable/13 has been updated by avg:

URL: https://cgit.FreeBSD.org/src/commit/?id=395e612b7bb1874811f5bcd6136296dd7a76da1b

commit 395e612b7bb1874811f5bcd6136296dd7a76da1b
Author:     Michal Vanco <michal.vanco@gmail.com>
AuthorDate: 2021-03-05 08:55:30 +0000
Commit:     Andriy Gapon <avg@FreeBSD.org>
CommitDate: 2021-03-23 11:01:20 +0000

    pchtherm: fix a wrong bit and a wrong register use
    
    Probably just copy-paste errors that slipped in.
    
    (cherry picked from commit 5084dde5f087264cf9a826569d1152c65d88a0fe)
    
    PR:             253915
    Reported by:    Michal Vanco <michal.vanco@gmail.com>
---
 sys/dev/intel/pchtherm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/dev/intel/pchtherm.c b/sys/dev/intel/pchtherm.c
index 13f0abc54b63..31d06a1bc26a 100644
--- a/sys/dev/intel/pchtherm.c
+++ b/sys/dev/intel/pchtherm.c
@@ -163,7 +163,7 @@ static int pchtherm_attach(device_t dev)
 			bus_write_1(sc->tbar, PCHTHERM_REG_TSEL,
 				    PCHTHERM_GEN_ENABLE);
 			sc->enable = bus_read_1(sc->tbar, PCHTHERM_REG_TSEL);
-			if (!(sc->enable & PCHTHERM_REG_TSEL)){
+			if (!(sc->enable & PCHTHERM_GEN_ENABLE)) {
 				device_printf(dev, "Sensor enable failed\n");
 				return 0;
 			}
@@ -178,7 +178,7 @@ static int pchtherm_attach(device_t dev)
 	if (bootverbose) {
 		FLAG_PRINT(dev, "SMBus report", val);
 	}
-	val = bus_read_1(sc->tbar, PCHTHERM_REG_TSC);
+	val = bus_read_1(sc->tbar, PCHTHERM_REG_TSMIC);
 	if (bootverbose) {
 		FLAG_PRINT(dev, "SMI on alert", val);
 	}

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:47:27 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AA6BB5ABBBF;
 Tue, 23 Mar 2021 11:47:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4V3M4S3Sz4kjB;
 Tue, 23 Mar 2021 11:47:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8B15C202CB;
 Tue, 23 Mar 2021 11:47:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NBlR7i050766;
 Tue, 23 Mar 2021 11:47:27 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NBlRBR050765;
 Tue, 23 Mar 2021 11:47:27 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:47:27 GMT
Message-Id: <202103231147.12NBlRBR050765@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 856415c36289 - stable/12 - MFC c743a6bd4fc0: Implement
 mallocarray_domainset(9) variant of mallocarray(9).
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 856415c36289a41826b565a97e3aa922e2412deb
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:47:27 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=856415c36289a41826b565a97e3aa922e2412deb

commit 856415c36289a41826b565a97e3aa922e2412deb
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-06 10:25:12 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 11:41:05 +0000

    MFC c743a6bd4fc0:
    Implement mallocarray_domainset(9) variant of mallocarray(9).
    
    Reviewed by:    kib @
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit c743a6bd4fc0d1be30f9bc9996333ac0ba079563)
---
 share/man/man9/Makefile |  1 +
 share/man/man9/malloc.9 | 13 ++++++++++++-
 sys/kern/kern_malloc.c  | 11 +++++++++++
 sys/sys/malloc.h        |  3 +++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 43f7d633cd70..8acf44f3dbeb 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -1306,6 +1306,7 @@ MLINKS+=malloc.9 free.9 \
 	malloc.9 malloc_domainset.9 \
 	malloc.9 free_domain.9 \
 	malloc.9 mallocarray.9 \
+	malloc.9 mallocarray_domainset.9 \
 	malloc.9 MALLOC_DECLARE.9 \
 	malloc.9 MALLOC_DEFINE.9 \
 	malloc.9 realloc.9 \
diff --git a/share/man/man9/malloc.9 b/share/man/man9/malloc.9
index b87c0e6887e1..bdfdaca6bba9 100644
--- a/share/man/man9/malloc.9
+++ b/share/man/man9/malloc.9
@@ -29,7 +29,7 @@
 .\" $NetBSD: malloc.9,v 1.3 1996/11/11 00:05:11 lukem Exp $
 .\" $FreeBSD$
 .\"
-.Dd August 28, 2020
+.Dd March 6, 2021
 .Dt MALLOC 9
 .Os
 .Sh NAME
@@ -64,6 +64,8 @@
 .In sys/domainset.h
 .Ft void *
 .Fn malloc_domainset "size_t size" "struct malloc_type *type" "struct domainset *ds" "int flags"
+.Ft void *
+.Fn mallocarray_domainset "size_t nmemb" "size_t size" "struct malloc_type *type" "struct domainset *ds" "int flags"
 .Ft void
 .Fn free_domain "void *addr" "struct malloc_type *type"
 .Sh DESCRIPTION
@@ -93,6 +95,15 @@ entries whose size is specified by
 .Fa size .
 .Pp
 The
+.Fn mallocarray_domainset
+variant allocates memory from a specific
+.Xr numa 4
+domain using the specified domain selection policy.
+See
+.Xr domainset 9
+for some example policies.
+.Pp
+The
 .Fn free
 function releases memory at address
 .Fa addr
diff --git a/sys/kern/kern_malloc.c b/sys/kern/kern_malloc.c
index 5e8af96cb1eb..41eef1d6a4ac 100644
--- a/sys/kern/kern_malloc.c
+++ b/sys/kern/kern_malloc.c
@@ -699,6 +699,17 @@ mallocarray(size_t nmemb, size_t size, struct malloc_type *type, int flags)
 	return (malloc(size * nmemb, type, flags));
 }
 
+void *
+mallocarray_domainset(size_t nmemb, size_t size, struct malloc_type *type,
+    struct domainset *ds, int flags)
+{
+
+	if (WOULD_OVERFLOW(nmemb, size))
+		panic("mallocarray_domainset: %zu * %zu overflowed", nmemb, size);
+
+	return (malloc_domainset(size * nmemb, type, ds, flags));
+}
+
 #ifdef INVARIANTS
 static void
 free_save_type(void *addr, struct malloc_type *mtp, u_long size)
diff --git a/sys/sys/malloc.h b/sys/sys/malloc.h
index fd50dbc495b4..bf7ec5c8e9c6 100644
--- a/sys/sys/malloc.h
+++ b/sys/sys/malloc.h
@@ -238,6 +238,9 @@ void	*malloc_domainset(size_t size, struct malloc_type *type,
 void	*mallocarray(size_t nmemb, size_t size, struct malloc_type *type,
 	    int flags) __malloc_like __result_use_check
 	    __alloc_size2(1, 2);
+void	*mallocarray_domainset(size_t nmemb, size_t size, struct malloc_type *type,
+	    struct domainset *ds, int flags) __malloc_like __result_use_check
+	    __alloc_size2(1, 2);
 void	malloc_init(void *);
 int	malloc_last_fail(void);
 void	malloc_type_allocated(struct malloc_type *type, unsigned long size);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:47:28 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D84485ABC32;
 Tue, 23 Mar 2021 11:47:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4V3N5kLsz4kgC;
 Tue, 23 Mar 2021 11:47:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B77FF20542;
 Tue, 23 Mar 2021 11:47:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NBlSuF050788;
 Tue, 23 Mar 2021 11:47:28 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NBlSA7050787;
 Tue, 23 Mar 2021 11:47:28 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:47:28 GMT
Message-Id: <202103231147.12NBlSA7050787@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 1a12a42a9ac5 - stable/12 - MFC ebe5cf355dca: Implement basic
 support for allocating memory from a specific numa node in the LinuxKPI.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 1a12a42a9ac533c29cb4100ae2481e72d53d424a
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:47:28 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=1a12a42a9ac533c29cb4100ae2481e72d53d424a

commit 1a12a42a9ac533c29cb4100ae2481e72d53d424a
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-05 11:44:06 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 11:44:01 +0000

    MFC ebe5cf355dca:
    Implement basic support for allocating memory from a specific numa node
    in the LinuxKPI.
    
    Differential Revision:  https://reviews.freebsd.org/D29077
    Reviewed by:    markj@ and kib@
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit ebe5cf355dca1d7827a70b99a9d9c4f97f78691d)
---
 sys/compat/linuxkpi/common/include/linux/compat.h |  2 +
 sys/compat/linuxkpi/common/include/linux/device.h |  8 ++-
 sys/compat/linuxkpi/common/include/linux/slab.h   | 37 ++++++++++++--
 sys/compat/linuxkpi/common/src/linux_domain.c     | 59 +++++++++++++++++++++++
 sys/conf/files                                    |  2 +
 sys/modules/linuxkpi/Makefile                     |  1 +
 6 files changed, 100 insertions(+), 9 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/compat.h b/sys/compat/linuxkpi/common/include/linux/compat.h
index 62ea3363394b..4da0e42f2fe4 100644
--- a/sys/compat/linuxkpi/common/include/linux/compat.h
+++ b/sys/compat/linuxkpi/common/include/linux/compat.h
@@ -35,11 +35,13 @@
 #include <sys/proc.h>
 #include <sys/malloc.h>
 
+struct domainset;
 struct thread;
 struct task_struct;
 
 extern int linux_alloc_current(struct thread *, int flags);
 extern void linux_free_current(struct task_struct *);
+extern struct domainset *linux_get_vm_domain_set(int node);
 
 static inline void
 linux_set_current(struct thread *td)
diff --git a/sys/compat/linuxkpi/common/include/linux/device.h b/sys/compat/linuxkpi/common/include/linux/device.h
index ca1ac13727b7..456f725b6c67 100644
--- a/sys/compat/linuxkpi/common/include/linux/device.h
+++ b/sys/compat/linuxkpi/common/include/linux/device.h
@@ -555,11 +555,9 @@ class_remove_file(struct class *class, const struct class_attribute *attr)
 		sysfs_remove_file(&class->kobj, &attr->attr);
 }
 
-static inline int
-dev_to_node(struct device *dev)
-{
-	return -1;
-}
+#define	dev_to_node(dev) linux_dev_to_node(dev)
+#define	of_node_to_nid(node) -1
+int linux_dev_to_node(struct device *);
 
 char *kvasprintf(gfp_t, const char *, va_list);
 char *kasprintf(gfp_t, const char *, ...);
diff --git a/sys/compat/linuxkpi/common/include/linux/slab.h b/sys/compat/linuxkpi/common/include/linux/slab.h
index ae1c9d81843e..ee2357ca614a 100644
--- a/sys/compat/linuxkpi/common/include/linux/slab.h
+++ b/sys/compat/linuxkpi/common/include/linux/slab.h
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Isilon Systems, Inc.
  * Copyright (c) 2010 iX Systems, Inc.
  * Copyright (c) 2010 Panasas, Inc.
- * Copyright (c) 2013-2017 Mellanox Technologies, Ltd.
+ * Copyright (c) 2013-2021 Mellanox Technologies, Ltd.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -37,6 +37,7 @@
 #include <sys/limits.h>
 #include <vm/uma.h>
 
+#include <linux/compat.h>
 #include <linux/types.h>
 #include <linux/gfp.h>
 
@@ -46,16 +47,15 @@ MALLOC_DECLARE(M_KMALLOC);
 #define	kvzalloc(size, flags)		kmalloc(size, (flags) | __GFP_ZERO)
 #define	kvcalloc(n, size, flags)	kvmalloc_array(n, size, (flags) | __GFP_ZERO)
 #define	kzalloc(size, flags)		kmalloc(size, (flags) | __GFP_ZERO)
-#define	kzalloc_node(size, flags, node)	kmalloc(size, (flags) | __GFP_ZERO)
+#define	kzalloc_node(size, flags, node)	kmalloc_node(size, (flags) | __GFP_ZERO, node)
 #define	kfree_const(ptr)		kfree(ptr)
 #define	vzalloc(size)			__vmalloc(size, GFP_KERNEL | __GFP_NOWARN | __GFP_ZERO, 0)
 #define	vfree(arg)			kfree(arg)
 #define	kvfree(arg)			kfree(arg)
-#define	vmalloc_node(size, node)	__vmalloc(size, GFP_KERNEL, 0)
+#define	vmalloc_node(size, node)	__vmalloc_node(size, GFP_KERNEL, node)
 #define	vmalloc_user(size)		__vmalloc(size, GFP_KERNEL | __GFP_ZERO, 0)
 #define	vmalloc(size)			__vmalloc(size, GFP_KERNEL, 0)
 #define	__kmalloc(...)			kmalloc(__VA_ARGS__)
-#define	kmalloc_node(chunk, flags, n)	kmalloc(chunk, flags)
 
 /*
  * Prefix some functions with linux_ to avoid namespace conflict
@@ -111,6 +111,13 @@ kmalloc(size_t size, gfp_t flags)
 	return (malloc(size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kmalloc_node(size_t size, gfp_t flags, int node)
+{
+	return (malloc_domainset(size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 kcalloc(size_t n, size_t size, gfp_t flags)
 {
@@ -118,12 +125,27 @@ kcalloc(size_t n, size_t size, gfp_t flags)
 	return (mallocarray(n, size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kcalloc_node(size_t n, size_t size, gfp_t flags, int node)
+{
+	flags |= __GFP_ZERO;
+	return (mallocarray_domainset(n, size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 __vmalloc(size_t size, gfp_t flags, int other)
 {
 	return (malloc(size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+__vmalloc_node(size_t size, gfp_t flags, int node)
+{
+	return (malloc_domainset(size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 vmalloc_32(size_t size)
 {
@@ -136,6 +158,13 @@ kmalloc_array(size_t n, size_t size, gfp_t flags)
 	return (mallocarray(n, size, M_KMALLOC, linux_check_m_flags(flags)));
 }
 
+static inline void *
+kmalloc_array_node(size_t n, size_t size, gfp_t flags, int node)
+{
+	return (mallocarray_domainset(n, size, M_KMALLOC,
+	    linux_get_vm_domain_set(node), linux_check_m_flags(flags)));
+}
+
 static inline void *
 kvmalloc_array(size_t n, size_t size, gfp_t flags)
 {
diff --git a/sys/compat/linuxkpi/common/src/linux_domain.c b/sys/compat/linuxkpi/common/src/linux_domain.c
new file mode 100644
index 000000000000..acbf8821d42b
--- /dev/null
+++ b/sys/compat/linuxkpi/common/src/linux_domain.c
@@ -0,0 +1,59 @@
+/*-
+ * Copyright (c) 2021 NVIDIA Networking
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice unmodified, this list of conditions, and the following
+ *    disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/domainset.h>
+#include <sys/bus.h>
+
+#include <linux/compat.h>
+#include <linux/device.h>
+
+struct domainset *
+linux_get_vm_domain_set(int node)
+{
+	KASSERT(node < MAXMEMDOM, ("Invalid VM domain %d", node));
+
+	if (node < 0)
+		return (DOMAINSET_RR());
+	else
+		return (DOMAINSET_PREF(node));
+}
+
+int
+linux_dev_to_node(struct device *dev)
+{
+	int numa_domain;
+
+	if (dev == NULL || dev->bsddev == NULL ||
+	    bus_get_domain(dev->bsddev, &numa_domain) != 0)
+		return (-1);
+	else
+		return (numa_domain);
+}
diff --git a/sys/conf/files b/sys/conf/files
index e0712a901c61..6b24b413fe59 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -4543,6 +4543,8 @@ compat/linuxkpi/common/src/linux_compat.c	optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_current.c	optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
+compat/linuxkpi/common/src/linux_domain.c	optional compat_linuxkpi \
+	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_hrtimer.c	optional compat_linuxkpi \
 	compile-with "${LINUXKPI_C}"
 compat/linuxkpi/common/src/linux_kthread.c	optional compat_linuxkpi \
diff --git a/sys/modules/linuxkpi/Makefile b/sys/modules/linuxkpi/Makefile
index 1491f1ff6f1a..90935b9cbf9c 100644
--- a/sys/modules/linuxkpi/Makefile
+++ b/sys/modules/linuxkpi/Makefile
@@ -4,6 +4,7 @@
 KMOD=	linuxkpi
 SRCS=	linux_compat.c \
 	linux_current.c \
+	linux_domain.c \
 	linux_hrtimer.c \
 	linux_idr.c \
 	linux_kmod.c \

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:47:30 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D6D955ABF0D;
 Tue, 23 Mar 2021 11:47:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4V3Q4J4lz4ktW;
 Tue, 23 Mar 2021 11:47:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D6D622007E;
 Tue, 23 Mar 2021 11:47:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NBlTXS050807;
 Tue, 23 Mar 2021 11:47:29 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NBlTx9050806;
 Tue, 23 Mar 2021 11:47:29 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:47:29 GMT
Message-Id: <202103231147.12NBlTx9050806@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: b880902e53d7 - stable/12 - MFC 6eb60f5b7f7d: Use the word
 "LinuxKPI" instead of "Linux compatibility",
 to not confuse with user-space Linux compatibility support. No functional
 change.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: b880902e53d78b290c11ae0a2d4e7ecea7a508b6
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:47:32 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=b880902e53d78b290c11ae0a2d4e7ecea7a508b6

commit b880902e53d78b290c11ae0a2d4e7ecea7a508b6
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 11:21:01 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 11:45:00 +0000

    MFC 6eb60f5b7f7d:
    Use the word "LinuxKPI" instead of "Linux compatibility", to not confuse with
    user-space Linux compatibility support. No functional change.
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit 6eb60f5b7f7df1a59de139260aebfa0aa5f6d79e)
---
 sys/kern/kern_intr.c | 4 ++--
 sys/sys/interrupt.h  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/kern/kern_intr.c b/sys/kern/kern_intr.c
index 95182f97fc18..ebad3f67ed3d 100644
--- a/sys/kern/kern_intr.c
+++ b/sys/kern/kern_intr.c
@@ -758,8 +758,8 @@ intr_handler_barrier(struct intr_handler *handler)
  * Sleep until an ithread finishes executing an interrupt handler.
  *
  * XXX Doesn't currently handle interrupt filters or fast interrupt
- * handlers.  This is intended for compatibility with linux drivers
- * only.  Do not use in BSD code.
+ * handlers. This is intended for LinuxKPI drivers only.
+ * Do not use in BSD code.
  */
 void
 _intr_drain(int irq)
diff --git a/sys/sys/interrupt.h b/sys/sys/interrupt.h
index 2b66b7ae4597..4d257ba4f89e 100644
--- a/sys/sys/interrupt.h
+++ b/sys/sys/interrupt.h
@@ -192,7 +192,7 @@ int	intr_event_resume_handler(void *cookie);
 int	intr_getaffinity(int irq, int mode, void *mask);
 void	*intr_handler_source(void *cookie);
 int	intr_setaffinity(int irq, int mode, void *mask);
-void	_intr_drain(int irq);  /* Linux compat only. */
+void	_intr_drain(int irq);  /* LinuxKPI only. */
 int	swi_add(struct intr_event **eventp, const char *name,
 	    driver_intr_t handler, void *arg, int pri, enum intr_type flags,
 	    void **cookiep);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:47:32 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8C1F05ABAD3;
 Tue, 23 Mar 2021 11:47:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4V3R4nLcz4kwy;
 Tue, 23 Mar 2021 11:47:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E6B2E205B4;
 Tue, 23 Mar 2021 11:47:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NBlUax050829;
 Tue, 23 Mar 2021 11:47:30 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NBlUJd050828;
 Tue, 23 Mar 2021 11:47:30 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:47:30 GMT
Message-Id: <202103231147.12NBlUJd050828@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: eab581fa61b5 - stable/12 - MFC d1cbe7908986: Allocating the
 LinuxKPI current structure from an interrupt thread must be done using the
 M_NOWAIT flag after 1ae20f7c70ea .
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: eab581fa61b535328ea525036c6e9a45bf54f474
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:47:33 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=eab581fa61b535328ea525036c6e9a45bf54f474

commit eab581fa61b535328ea525036c6e9a45bf54f474
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 09:50:01 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 11:45:29 +0000

    MFC d1cbe7908986:
    Allocating the LinuxKPI current structure from an interrupt thread must be
    done using the M_NOWAIT flag after 1ae20f7c70ea .
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit d1cbe79089868226625c12ef49f51214d79aa427)
---
 sys/compat/linuxkpi/common/src/linux_compat.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c
index f93905a03158..f120856dd23d 100644
--- a/sys/compat/linuxkpi/common/src/linux_compat.c
+++ b/sys/compat/linuxkpi/common/src/linux_compat.c
@@ -2372,7 +2372,8 @@ linux_irq_handler(void *ent)
 {
 	struct irq_ent *irqe;
 
-	linux_set_current(curthread);
+	if (linux_set_current_flags(curthread, M_NOWAIT))
+		return;
 
 	irqe = ent;
 	irqe->handler(irqe->irq, irqe->arg);

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 11:47:34 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D95F05ABB4E;
 Tue, 23 Mar 2021 11:47:34 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4V3T0b9Nz4l0W;
 Tue, 23 Mar 2021 11:47:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1609920727;
 Tue, 23 Mar 2021 11:47:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NBlVtG050851;
 Tue, 23 Mar 2021 11:47:32 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NBlVhX050850;
 Tue, 23 Mar 2021 11:47:31 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 11:47:31 GMT
Message-Id: <202103231147.12NBlVhX050850@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: af3a80bcdd20 - stable/12 - MFC dfb33cb0ef48: Allocating the
 LinuxKPI current structure from a software interrupt thread must be done
 using the M_NOWAIT flag after 1ae20f7c70ea .
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: af3a80bcdd204aaf9e9b7642cf81e4dfdb5a789e
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 11:47:35 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=af3a80bcdd204aaf9e9b7642cf81e4dfdb5a789e

commit af3a80bcdd204aaf9e9b7642cf81e4dfdb5a789e
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-10 12:26:09 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-23 11:46:02 +0000

    MFC dfb33cb0ef48:
    Allocating the LinuxKPI current structure from a software interrupt thread
    must be done using the M_NOWAIT flag after 1ae20f7c70ea .
    
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit dfb33cb0ef48084da84072244e8ca486dfcf3a96)
---
 sys/compat/linuxkpi/common/src/linux_compat.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c
index f120856dd23d..e758a5590bc9 100644
--- a/sys/compat/linuxkpi/common/src/linux_compat.c
+++ b/sys/compat/linuxkpi/common/src/linux_compat.c
@@ -1901,9 +1901,15 @@ linux_timer_callback_wrapper(void *context)
 {
 	struct timer_list *timer;
 
-	linux_set_current(curthread);
-
 	timer = context;
+
+	if (linux_set_current_flags(curthread, M_NOWAIT)) {
+		/* try again later */
+		callout_reset(&timer->callout, 1,
+		    &linux_timer_callback_wrapper, timer);
+		return;
+	}
+
 	timer->function(timer->data);
 }
 

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 12:24:30 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1A1E05AD1E2;
 Tue, 23 Mar 2021 12:24:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4Vt60F9pz4nLs;
 Tue, 23 Mar 2021 12:24:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EF7C820FB6;
 Tue, 23 Mar 2021 12:24:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NCOTL1006575;
 Tue, 23 Mar 2021 12:24:29 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NCOTTi006574;
 Tue, 23 Mar 2021 12:24:29 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 12:24:29 GMT
Message-Id: <202103231224.12NCOTTi006574@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 961e7887b9ba - stable/12 - pf: pool/kpool conversion code
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 961e7887b9bad9dd446a2289f3e5266ad2d122ef
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 12:24:30 -0000

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=961e7887b9bad9dd446a2289f3e5266ad2d122ef

commit 961e7887b9bad9dd446a2289f3e5266ad2d122ef
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-03-11 10:37:05 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-03-23 12:24:15 +0000

    pf: pool/kpool conversion code
    
    stuct pf_pool and struct pf_kpool are different. We should not simply
    bcopy() them.
    
    Happily it turns out that their differences were all pointers, and the
    userspace provided pointers were overwritten by the kernel, so this did
    actually work correctly, but we should fix it anyway.
    
    Reviewed by:    glebius
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D29216
    
    (cherry picked from commit 15b82e00a1640d1b9a1d720c95f65e580be30187)
---
 sys/netpfil/pf/pf_ioctl.c | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index d5e09ea1c443..8212d5055ef7 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1466,6 +1466,39 @@ pf_pooladdr_to_kpooladdr(const struct pf_pooladdr *pool,
 	strlcpy(kpool->ifname, pool->ifname, sizeof(kpool->ifname));
 }
 
+static void
+pf_kpool_to_pool(const struct pf_kpool *kpool, struct pf_pool *pool)
+{
+	bzero(pool, sizeof(*pool));
+
+	bcopy(&kpool->key, &pool->key, sizeof(pool->key));
+	bcopy(&kpool->counter, &pool->counter, sizeof(pool->counter));
+
+	pool->tblidx = kpool->tblidx;
+	pool->proxy_port[0] = kpool->proxy_port[0];
+	pool->proxy_port[1] = kpool->proxy_port[1];
+	pool->opts = kpool->opts;
+}
+
+static int
+pf_pool_to_kpool(const struct pf_pool *pool, struct pf_kpool *kpool)
+{
+	_Static_assert(sizeof(pool->key) == sizeof(kpool->key), "");
+	_Static_assert(sizeof(pool->counter) == sizeof(kpool->counter), "");
+
+	bzero(kpool, sizeof(*kpool));
+
+	bcopy(&pool->key, &kpool->key, sizeof(kpool->key));
+	bcopy(&pool->counter, &kpool->counter, sizeof(kpool->counter));
+
+	kpool->tblidx = pool->tblidx;
+	kpool->proxy_port[0] = pool->proxy_port[0];
+	kpool->proxy_port[1] = pool->proxy_port[1];
+	kpool->opts = pool->opts;
+
+	return (0);
+}
+
 static void
 pf_krule_to_rule(const struct pf_krule *krule, struct pf_rule *rule)
 {
@@ -1492,7 +1525,7 @@ pf_krule_to_rule(const struct pf_krule *krule, struct pf_rule *rule)
 	strlcpy(rule->overload_tblname, krule->overload_tblname,
 	    sizeof(rule->overload_tblname));
 
-	bcopy(&krule->rpool, &rule->rpool, sizeof(krule->rpool));
+	pf_kpool_to_pool(&krule->rpool, &rule->rpool);
 
 	rule->evaluations = counter_u64_fetch(krule->evaluations);
 	for (int i = 0; i < 2; i++) {
@@ -1629,7 +1662,9 @@ pf_rule_to_krule(const struct pf_rule *rule, struct pf_krule *krule)
 	strlcpy(krule->overload_tblname, rule->overload_tblname,
 	    sizeof(rule->overload_tblname));
 
-	bcopy(&rule->rpool, &krule->rpool, sizeof(krule->rpool));
+	ret = pf_pool_to_kpool(&rule->rpool, &krule->rpool);
+	if (ret != 0)
+		return (ret);
 
 	/* Don't allow userspace to set evaulations, packets or bytes. */
 	/* kif, anchor, overload_tbl are not copied over. */

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 12:24:31 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id DA7515AD2FF;
 Tue, 23 Mar 2021 12:24:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4Vt74GKLz4nJb;
 Tue, 23 Mar 2021 12:24:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8068020C4A;
 Tue, 23 Mar 2021 12:24:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NCOVu1006672;
 Tue, 23 Mar 2021 12:24:31 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NCOVxl006671;
 Tue, 23 Mar 2021 12:24:31 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 12:24:31 GMT
Message-Id: <202103231224.12NCOVxl006671@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 7d5886158650 - stable/13 - pf: pool/kpool conversion code
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7d588615865023c5d159f47c98279d05b102ea27
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 12:24:32 -0000

The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=7d588615865023c5d159f47c98279d05b102ea27

commit 7d588615865023c5d159f47c98279d05b102ea27
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-03-11 10:37:05 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-03-23 12:23:55 +0000

    pf: pool/kpool conversion code
    
    stuct pf_pool and struct pf_kpool are different. We should not simply
    bcopy() them.
    
    Happily it turns out that their differences were all pointers, and the
    userspace provided pointers were overwritten by the kernel, so this did
    actually work correctly, but we should fix it anyway.
    
    Reviewed by:    glebius
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D29216
    
    (cherry picked from commit 15b82e00a1640d1b9a1d720c95f65e580be30187)
---
 sys/netpfil/pf/pf_ioctl.c | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index c930a67ecf80..ce889c8d797e 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1465,6 +1465,39 @@ pf_pooladdr_to_kpooladdr(const struct pf_pooladdr *pool,
 	strlcpy(kpool->ifname, pool->ifname, sizeof(kpool->ifname));
 }
 
+static void
+pf_kpool_to_pool(const struct pf_kpool *kpool, struct pf_pool *pool)
+{
+	bzero(pool, sizeof(*pool));
+
+	bcopy(&kpool->key, &pool->key, sizeof(pool->key));
+	bcopy(&kpool->counter, &pool->counter, sizeof(pool->counter));
+
+	pool->tblidx = kpool->tblidx;
+	pool->proxy_port[0] = kpool->proxy_port[0];
+	pool->proxy_port[1] = kpool->proxy_port[1];
+	pool->opts = kpool->opts;
+}
+
+static int
+pf_pool_to_kpool(const struct pf_pool *pool, struct pf_kpool *kpool)
+{
+	_Static_assert(sizeof(pool->key) == sizeof(kpool->key), "");
+	_Static_assert(sizeof(pool->counter) == sizeof(kpool->counter), "");
+
+	bzero(kpool, sizeof(*kpool));
+
+	bcopy(&pool->key, &kpool->key, sizeof(kpool->key));
+	bcopy(&pool->counter, &kpool->counter, sizeof(kpool->counter));
+
+	kpool->tblidx = pool->tblidx;
+	kpool->proxy_port[0] = pool->proxy_port[0];
+	kpool->proxy_port[1] = pool->proxy_port[1];
+	kpool->opts = pool->opts;
+
+	return (0);
+}
+
 static void
 pf_krule_to_rule(const struct pf_krule *krule, struct pf_rule *rule)
 {
@@ -1491,7 +1524,7 @@ pf_krule_to_rule(const struct pf_krule *krule, struct pf_rule *rule)
 	strlcpy(rule->overload_tblname, krule->overload_tblname,
 	    sizeof(rule->overload_tblname));
 
-	bcopy(&krule->rpool, &rule->rpool, sizeof(krule->rpool));
+	pf_kpool_to_pool(&krule->rpool, &rule->rpool);
 
 	rule->evaluations = counter_u64_fetch(krule->evaluations);
 	for (int i = 0; i < 2; i++) {
@@ -1628,7 +1661,9 @@ pf_rule_to_krule(const struct pf_rule *rule, struct pf_krule *krule)
 	strlcpy(krule->overload_tblname, rule->overload_tblname,
 	    sizeof(rule->overload_tblname));
 
-	bcopy(&rule->rpool, &krule->rpool, sizeof(krule->rpool));
+	ret = pf_pool_to_kpool(&rule->rpool, &krule->rpool);
+	if (ret != 0)
+		return (ret);
 
 	/* Don't allow userspace to set evaulations, packets or bytes. */
 	/* kif, anchor, overload_tbl are not copied over. */

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 15:36:24 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 837C45B1F0E;
 Tue, 23 Mar 2021 15:36:24 +0000 (UTC)
 (envelope-from freqlabs@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4b7X3NXjz3Gn7;
 Tue, 23 Mar 2021 15:36:24 +0000 (UTC)
 (envelope-from freqlabs@FreeBSD.org)
Received: from Ryans-MacBook-Pro.local
 (69-228-200-148.lightspeed.knvltn.sbcglobal.net [69.228.200.148])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 (Authenticated sender: freqlabs/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 2AD3326905;
 Tue, 23 Mar 2021 15:36:24 +0000 (UTC)
 (envelope-from freqlabs@FreeBSD.org)
Subject: Re: git: b304cd9789ca - stable/12 - Drop EFI_STAGING_SIZE back down
 to 64M
To: Maxim Sobolev <sobomax@freebsd.org>, Ryan Moeller <freqlabs@freebsd.org>
Cc: src-committers <src-committers@freebsd.org>,
 dev-commits-src-all@freebsd.org, dev-commits-src-branches@freebsd.org
References: <202103222148.12MLm6Wl074553@gitrepo.freebsd.org>
 <CAH7qZfs5-Df86_rE0cwdaSfbSDcZCBF3-BPN0OkE1SxAPcBP+A@mail.gmail.com>
From: Ryan Moeller <freqlabs@FreeBSD.org>
Message-ID: <177dd150-c20f-b988-3a3e-008f70cfaf0c@FreeBSD.org>
Date: Tue, 23 Mar 2021 11:36:22 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0)
 Gecko/20100101 Thunderbird/78.8.1
MIME-Version: 1.0
In-Reply-To: <CAH7qZfs5-Df86_rE0cwdaSfbSDcZCBF3-BPN0OkE1SxAPcBP+A@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 15:36:24 -0000


On 3/22/21 6:08 PM, Maxim Sobolev wrote:
> Hmm, that's really annoying, reminiscent of the old DOS days, where 
> you might have few megs of memory, but won't be able to use it due to 
> some bios/motherboard quirk. :-/
>
> Can we at least have some specific section for VMWare to teak that in? 
> We already have the HYPER-V section in that file, so it's not unheard 
> of. At the very least other virtual machines (i.e. VirtualBox in the 
> EFI mode or majority "real" EFI servers) do not have this restriction.
>

My understanding is that the staging area will dynamically grow at run 
time if necessary:
https://cgit.freebsd.org/src/commit/?id=821e3395c053a35e666c99c94bbeed84f7da2dcf


- Ryan


From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 19:21:49 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3E96E5B8FE2;
 Tue, 23 Mar 2021 19:21:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4h7d1L6zz3qGr;
 Tue, 23 Mar 2021 19:21:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 210F226928;
 Tue, 23 Mar 2021 19:21:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NJLn4w093092;
 Tue, 23 Mar 2021 19:21:49 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NJLnFA093091;
 Tue, 23 Mar 2021 19:21:49 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 19:21:49 GMT
Message-Id: <202103231921.12NJLnFA093091@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Nathan Whitehorn <nwhitehorn@FreeBSD.org>
Subject: git: 4601382e1362 - stable/13 - Fix scripted installs on EFI systems
 after default mounting of the ESP.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: nwhitehorn
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 4601382e1362352f17a33e4ed38db5dcfe3f6be5
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 19:21:49 -0000

The branch stable/13 has been updated by nwhitehorn:

URL: https://cgit.FreeBSD.org/src/commit/?id=4601382e1362352f17a33e4ed38db5dcfe3f6be5

commit 4601382e1362352f17a33e4ed38db5dcfe3f6be5
Author:     Nathan Whitehorn <nwhitehorn@FreeBSD.org>
AuthorDate: 2021-03-23 13:19:42 +0000
Commit:     Nathan Whitehorn <nwhitehorn@FreeBSD.org>
CommitDate: 2021-03-23 19:21:33 +0000

    Fix scripted installs on EFI systems after default mounting of the ESP.
    
    Because the ESP mount point (/boot/efi) is in mtree, tar will attempt to
    extract a directory at that point post-mount when the system is installed.
    Normally, this is fine, since tar can happily set whatever properties it
    wants. For FAT32 file systems, however, like the ESP, tar will attempt to
    set mtime on the root directory, which FAT does not support, and tar will
    interpret this as a fatal error, breaking the install (see
    https://github.com/libarchive/libarchive/issues/1516). This issue would
    also break scripted installs on bare-metal POWER8, POWER9, and PS3
    systems, as well as some ARM systems.
    
    This patch solves the problem in two ways:
    - If stdout is a TTY, use the distextract stage instead of tar, as in
      interactive installs. distextract solves this problem internally and
      provides a nicer UI to boot, but requires a TTY.
    - If stdout is not a TTY, use tar but, as a stopgap for 13.0, exclude
      boot/efi from tarball extraction and then add it by hand. This is a
      hack, and better solutions (as in the libarchive ticket above) will
      obsolete it, but it solves the most common case, leaving only
      unattended TTY-less installs on a few tier-2 platforms broken.
    
    In addition, fix a bug with fstab generation uncovered once the tar issue
    is fixed that umount(8) can depend on the ordering of lines in fstab in a
    way that mount(8) does not. The partition editor now writes out fstab in
    mount order, making sure umount (run at the end of scripted, but not
    interactive, installs) succeeds.
    
    PR:             254395
    Approved by:    re (gjb)
    Reviewed by:    gjb, imp
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D29380
    
    (cherry picked from commit c2f16c595eb51c6e0cb6ece3f6f078d738019059)
---
 usr.sbin/bsdinstall/partedit/partedit.c | 39 +++++++++++++++++++++++++++++++++
 usr.sbin/bsdinstall/scripts/script      | 30 ++++++++++++++++++-------
 2 files changed, 61 insertions(+), 8 deletions(-)

diff --git a/usr.sbin/bsdinstall/partedit/partedit.c b/usr.sbin/bsdinstall/partedit/partedit.c
index c5fa28e73582..6d045428dd32 100644
--- a/usr.sbin/bsdinstall/partedit/partedit.c
+++ b/usr.sbin/bsdinstall/partedit/partedit.c
@@ -323,6 +323,22 @@ validate_setup(void)
 	return (TRUE);
 }
 
+static int
+mountpoint_sorter(const void *xa, const void *xb)
+{
+	struct partition_metadata *a = *(struct partition_metadata **)xa;
+	struct partition_metadata *b = *(struct partition_metadata **)xb;
+
+	if (a->fstab == NULL && b->fstab == NULL)
+		return 0;
+	if (a->fstab == NULL)
+		return 1;
+	if (b->fstab == NULL)
+		return -1;
+
+	return strcmp(a->fstab->fs_file, b->fstab->fs_file);
+}
+
 static int
 apply_changes(struct gmesh *mesh)
 {
@@ -386,6 +402,29 @@ apply_changes(struct gmesh *mesh)
 		free(__DECONST(char *, items[i*2]));
 	free(items);
 
+	/* Sort filesystems for fstab so that mountpoints are ordered */
+	{
+		struct partition_metadata **tobesorted;
+		struct partition_metadata *tmp;
+		int nparts = 0;
+		TAILQ_FOREACH(md, &part_metadata, metadata)
+			nparts++;
+		tobesorted = malloc(sizeof(struct partition_metadata *)*nparts);
+		nparts = 0;
+		TAILQ_FOREACH_SAFE(md, &part_metadata, metadata, tmp) {
+			tobesorted[nparts++] = md;
+			TAILQ_REMOVE(&part_metadata, md, metadata);
+		}
+		qsort(tobesorted, nparts, sizeof(tobesorted[0]),
+		    mountpoint_sorter);
+
+		/* Now re-add everything */
+		while (nparts-- > 0)
+			TAILQ_INSERT_HEAD(&part_metadata,
+			    tobesorted[nparts], metadata);
+		free(tobesorted);
+	}
+
 	if (getenv("PATH_FSTAB") != NULL)
 		fstab_path = getenv("PATH_FSTAB");
 	else
diff --git a/usr.sbin/bsdinstall/scripts/script b/usr.sbin/bsdinstall/scripts/script
index 4d0a91833644..1d8e52a9d6d3 100755
--- a/usr.sbin/bsdinstall/scripts/script
+++ b/usr.sbin/bsdinstall/scripts/script
@@ -116,14 +116,28 @@ fi
 
 # Unpack distributions
 bsdinstall checksum
-for set in $DISTRIBUTIONS; do
-	f_dprintf "Extracting $BSDINSTALL_DISTDIR/$set"
-	# XXX: this will fail if any mountpoints are FAT, due to inability to
-	# set ctime/mtime on the root of FAT partitions. tar has no option to
-	# ignore this. We probably need to switch back to distextract here
-	# to properly support EFI.
-	tar -xf "$BSDINSTALL_DISTDIR/$set" -C $BSDINSTALL_CHROOT
-done
+if [ -t 0 ]; then
+	# If install is a tty, use distextract as normal
+	bsdinstall distextract
+else
+	# Otherwise, we need to use tar (see https://reviews.freebsd.org/D10736)
+	for set in $DISTRIBUTIONS; do
+		f_dprintf "Extracting $BSDINSTALL_DISTDIR/$set"
+		# XXX: The below fails if any mountpoints are FAT, due to
+		# inability to set ctime/mtime on the root of FAT partitions,
+		# which is needed to support e.g. EFI system partitions. tar has
+		# no option to ignore this (distextract ignores them internally
+		# through a hack), and returns 1 on any warning or error,
+		# effectively turning all warnings into fatal errors.
+		# 
+		# Work around this in an extremely lame way for the specific
+		# case of EFI system partitions only. This *ONLY WORKS* if
+		# /boot/efi is empty and does not handle analagous problems on
+		# other systems (ARM, PPC64).
+		tar -xf "$BSDINSTALL_DISTDIR/$set" -C $BSDINSTALL_CHROOT --exclude boot/efi
+		mkdir -p $BSDINSTALL_CHROOT/boot/efi
+	done
+fi
 
 # Configure bootloader if needed
 bsdinstall bootconfig

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 21:14:29 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 129265BC79E;
 Tue, 23 Mar 2021 21:14:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4kdd019Yz4SYp;
 Tue, 23 Mar 2021 21:14:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E72EF194;
 Tue, 23 Mar 2021 21:14:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NLES51049878;
 Tue, 23 Mar 2021 21:14:28 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NLES1s049877;
 Tue, 23 Mar 2021 21:14:28 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 21:14:28 GMT
Message-Id: <202103232114.12NLES1s049877@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Nathan Whitehorn <nwhitehorn@FreeBSD.org>
Subject: git: 3ef46634cd5a - releng/13.0 - Fix scripted installs on EFI
 systems after default mounting of the ESP.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: nwhitehorn
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 3ef46634cd5a6ba0e156d5da095bbee5f63ec1cd
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 21:14:29 -0000

The branch releng/13.0 has been updated by nwhitehorn:

URL: https://cgit.FreeBSD.org/src/commit/?id=3ef46634cd5a6ba0e156d5da095bbee5f63ec1cd

commit 3ef46634cd5a6ba0e156d5da095bbee5f63ec1cd
Author:     Nathan Whitehorn <nwhitehorn@FreeBSD.org>
AuthorDate: 2021-03-23 13:19:42 +0000
Commit:     Nathan Whitehorn <nwhitehorn@FreeBSD.org>
CommitDate: 2021-03-23 19:22:20 +0000

    Fix scripted installs on EFI systems after default mounting of the ESP.
    
    Because the ESP mount point (/boot/efi) is in mtree, tar will attempt to
    extract a directory at that point post-mount when the system is installed.
    Normally, this is fine, since tar can happily set whatever properties it
    wants. For FAT32 file systems, however, like the ESP, tar will attempt to
    set mtime on the root directory, which FAT does not support, and tar will
    interpret this as a fatal error, breaking the install (see
    https://github.com/libarchive/libarchive/issues/1516). This issue would
    also break scripted installs on bare-metal POWER8, POWER9, and PS3
    systems, as well as some ARM systems.
    
    This patch solves the problem in two ways:
    - If stdout is a TTY, use the distextract stage instead of tar, as in
      interactive installs. distextract solves this problem internally and
      provides a nicer UI to boot, but requires a TTY.
    - If stdout is not a TTY, use tar but, as a stopgap for 13.0, exclude
      boot/efi from tarball extraction and then add it by hand. This is a
      hack, and better solutions (as in the libarchive ticket above) will
      obsolete it, but it solves the most common case, leaving only
      unattended TTY-less installs on a few tier-2 platforms broken.
    
    In addition, fix a bug with fstab generation uncovered once the tar issue
    is fixed that umount(8) can depend on the ordering of lines in fstab in a
    way that mount(8) does not. The partition editor now writes out fstab in
    mount order, making sure umount (run at the end of scripted, but not
    interactive, installs) succeeds.
    
    PR:             254395
    Approved by:    re (gjb)
    Reviewed by:    gjb, imp
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D29380
    
    (cherry picked from commit c2f16c595eb51c6e0cb6ece3f6f078d738019059)
    (cherry picked from commit 4601382e1362352f17a33e4ed38db5dcfe3f6be5)
---
 usr.sbin/bsdinstall/partedit/partedit.c | 39 +++++++++++++++++++++++++++++++++
 usr.sbin/bsdinstall/scripts/script      | 30 ++++++++++++++++++-------
 2 files changed, 61 insertions(+), 8 deletions(-)

diff --git a/usr.sbin/bsdinstall/partedit/partedit.c b/usr.sbin/bsdinstall/partedit/partedit.c
index c5fa28e73582..6d045428dd32 100644
--- a/usr.sbin/bsdinstall/partedit/partedit.c
+++ b/usr.sbin/bsdinstall/partedit/partedit.c
@@ -323,6 +323,22 @@ validate_setup(void)
 	return (TRUE);
 }
 
+static int
+mountpoint_sorter(const void *xa, const void *xb)
+{
+	struct partition_metadata *a = *(struct partition_metadata **)xa;
+	struct partition_metadata *b = *(struct partition_metadata **)xb;
+
+	if (a->fstab == NULL && b->fstab == NULL)
+		return 0;
+	if (a->fstab == NULL)
+		return 1;
+	if (b->fstab == NULL)
+		return -1;
+
+	return strcmp(a->fstab->fs_file, b->fstab->fs_file);
+}
+
 static int
 apply_changes(struct gmesh *mesh)
 {
@@ -386,6 +402,29 @@ apply_changes(struct gmesh *mesh)
 		free(__DECONST(char *, items[i*2]));
 	free(items);
 
+	/* Sort filesystems for fstab so that mountpoints are ordered */
+	{
+		struct partition_metadata **tobesorted;
+		struct partition_metadata *tmp;
+		int nparts = 0;
+		TAILQ_FOREACH(md, &part_metadata, metadata)
+			nparts++;
+		tobesorted = malloc(sizeof(struct partition_metadata *)*nparts);
+		nparts = 0;
+		TAILQ_FOREACH_SAFE(md, &part_metadata, metadata, tmp) {
+			tobesorted[nparts++] = md;
+			TAILQ_REMOVE(&part_metadata, md, metadata);
+		}
+		qsort(tobesorted, nparts, sizeof(tobesorted[0]),
+		    mountpoint_sorter);
+
+		/* Now re-add everything */
+		while (nparts-- > 0)
+			TAILQ_INSERT_HEAD(&part_metadata,
+			    tobesorted[nparts], metadata);
+		free(tobesorted);
+	}
+
 	if (getenv("PATH_FSTAB") != NULL)
 		fstab_path = getenv("PATH_FSTAB");
 	else
diff --git a/usr.sbin/bsdinstall/scripts/script b/usr.sbin/bsdinstall/scripts/script
index 4d0a91833644..1d8e52a9d6d3 100755
--- a/usr.sbin/bsdinstall/scripts/script
+++ b/usr.sbin/bsdinstall/scripts/script
@@ -116,14 +116,28 @@ fi
 
 # Unpack distributions
 bsdinstall checksum
-for set in $DISTRIBUTIONS; do
-	f_dprintf "Extracting $BSDINSTALL_DISTDIR/$set"
-	# XXX: this will fail if any mountpoints are FAT, due to inability to
-	# set ctime/mtime on the root of FAT partitions. tar has no option to
-	# ignore this. We probably need to switch back to distextract here
-	# to properly support EFI.
-	tar -xf "$BSDINSTALL_DISTDIR/$set" -C $BSDINSTALL_CHROOT
-done
+if [ -t 0 ]; then
+	# If install is a tty, use distextract as normal
+	bsdinstall distextract
+else
+	# Otherwise, we need to use tar (see https://reviews.freebsd.org/D10736)
+	for set in $DISTRIBUTIONS; do
+		f_dprintf "Extracting $BSDINSTALL_DISTDIR/$set"
+		# XXX: The below fails if any mountpoints are FAT, due to
+		# inability to set ctime/mtime on the root of FAT partitions,
+		# which is needed to support e.g. EFI system partitions. tar has
+		# no option to ignore this (distextract ignores them internally
+		# through a hack), and returns 1 on any warning or error,
+		# effectively turning all warnings into fatal errors.
+		# 
+		# Work around this in an extremely lame way for the specific
+		# case of EFI system partitions only. This *ONLY WORKS* if
+		# /boot/efi is empty and does not handle analagous problems on
+		# other systems (ARM, PPC64).
+		tar -xf "$BSDINSTALL_DISTDIR/$set" -C $BSDINSTALL_CHROOT --exclude boot/efi
+		mkdir -p $BSDINSTALL_CHROOT/boot/efi
+	done
+fi
 
 # Configure bootloader if needed
 bsdinstall bootconfig

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 21:17:38 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AEFA45BCB03;
 Tue, 23 Mar 2021 21:17:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4kjG4Ynrz4TB9;
 Tue, 23 Mar 2021 21:17:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8F18F27DBA;
 Tue, 23 Mar 2021 21:17:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NLHcuS050467;
 Tue, 23 Mar 2021 21:17:38 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NLHcXk050466;
 Tue, 23 Mar 2021 21:17:38 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 21:17:38 GMT
Message-Id: <202103232117.12NLHcXk050466@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Vincenzo Maffione <vmaffione@FreeBSD.org>
Subject: git: 3e4127f8f293 - stable/13 - netmap: fix issues in
 nm_os_extmem_create()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vmaffione
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3e4127f8f2933029034ac618a0013f434cb4a420
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 21:17:38 -0000

The branch stable/13 has been updated by vmaffione:

URL: https://cgit.FreeBSD.org/src/commit/?id=3e4127f8f2933029034ac618a0013f434cb4a420

commit 3e4127f8f2933029034ac618a0013f434cb4a420
Author:     Vincenzo Maffione <vmaffione@FreeBSD.org>
AuthorDate: 2021-03-20 17:15:50 +0000
Commit:     Vincenzo Maffione <vmaffione@FreeBSD.org>
CommitDate: 2021-03-23 21:17:23 +0000

    netmap: fix issues in nm_os_extmem_create()
    
    - Call vm_object_reference() before vm_map_lookup_done().
    - Use vm_mmap_to_errno() to convert vm_map_* return values to errno.
    - Fix memory leak of e->obj.
    
    Reported by:    markj
    Reviewed by:    markj
    MFC after:      1 week
    
    (cherry picked from commit ee7ffaa2e6e08b63efb4673610875d40964d5058)
---
 sys/dev/netmap/netmap_freebsd.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/sys/dev/netmap/netmap_freebsd.c b/sys/dev/netmap/netmap_freebsd.c
index e37815dc88d5..2cedea4440fe 100644
--- a/sys/dev/netmap/netmap_freebsd.c
+++ b/sys/dev/netmap/netmap_freebsd.c
@@ -664,6 +664,7 @@ nm_os_vi_detach(struct ifnet *ifp)
 
 #ifdef WITH_EXTMEM
 #include <vm/vm_map.h>
+#include <vm/vm_extern.h>
 #include <vm/vm_kern.h>
 struct nm_os_extmem {
 	vm_object_t obj;
@@ -726,17 +727,18 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			&obj, &index, &prot, &wired);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("address %lx not found", p);
+		error = vm_mmap_to_errno(rv);
 		goto out_free;
 	}
+	vm_object_reference(obj);
+
 	/* check that we are given the whole vm_object ? */
 	vm_map_lookup_done(map, entry);
 
-	// XXX can we really use obj after releasing the map lock?
 	e->obj = obj;
-	vm_object_reference(obj);
-	/* wire the memory and add the vm_object to the kernel map,
-	 * to make sure that it is not fred even if the processes that
-	 * are mmap()ing it all exit
+	/* Wire the memory and add the vm_object to the kernel map,
+	 * to make sure that it is not freed even if all the processes
+	 * that are mmap()ing should munmap() it.
 	 */
 	e->kva = vm_map_min(kernel_map);
 	e->size = obj->size << PAGE_SHIFT;
@@ -745,12 +747,14 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			VM_PROT_READ | VM_PROT_WRITE, 0);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_find(%zx) failed", (size_t)e->size);
+		error = vm_mmap_to_errno(rv);
 		goto out_rel;
 	}
 	rv = vm_map_wire(kernel_map, e->kva, e->kva + e->size,
 			VM_MAP_WIRE_SYSTEM | VM_MAP_WIRE_NOHOLES);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_wire failed");
+		error = vm_mmap_to_errno(rv);
 		goto out_rem;
 	}
 
@@ -760,9 +764,9 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 
 out_rem:
 	vm_map_remove(kernel_map, e->kva, e->kva + e->size);
-	e->obj = NULL;
 out_rel:
 	vm_object_deallocate(e->obj);
+	e->obj = NULL;
 out_free:
 	nm_os_free(e);
 out:

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 21:19:16 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 920865BCBBF;
 Tue, 23 Mar 2021 21:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4kl83Hj2z4Tbv;
 Tue, 23 Mar 2021 21:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 597F927D71;
 Tue, 23 Mar 2021 21:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NLJGNY050811;
 Tue, 23 Mar 2021 21:19:16 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NLJGEE050810;
 Tue, 23 Mar 2021 21:19:16 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 21:19:16 GMT
Message-Id: <202103232119.12NLJGEE050810@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Vincenzo Maffione <vmaffione@FreeBSD.org>
Subject: git: 610706f5e71a - stable/12 - netmap: fix issues in
 nm_os_extmem_create()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vmaffione
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 610706f5e71a2805688cb3c13e8605675b58802c
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 21:19:16 -0000

The branch stable/12 has been updated by vmaffione:

URL: https://cgit.FreeBSD.org/src/commit/?id=610706f5e71a2805688cb3c13e8605675b58802c

commit 610706f5e71a2805688cb3c13e8605675b58802c
Author:     Vincenzo Maffione <vmaffione@FreeBSD.org>
AuthorDate: 2021-03-20 17:15:50 +0000
Commit:     Vincenzo Maffione <vmaffione@FreeBSD.org>
CommitDate: 2021-03-23 21:18:31 +0000

    netmap: fix issues in nm_os_extmem_create()
    
    - Call vm_object_reference() before vm_map_lookup_done().
    - Use vm_mmap_to_errno() to convert vm_map_* return values to errno.
    - Fix memory leak of e->obj.
    
    Reported by:    markj
    Reviewed by:    markj
    MFC after:      1 week
    
    (cherry picked from commit ee7ffaa2e6e08b63efb4673610875d40964d5058)
---
 sys/dev/netmap/netmap_freebsd.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/sys/dev/netmap/netmap_freebsd.c b/sys/dev/netmap/netmap_freebsd.c
index ea9f4252a562..28f753b06f8c 100644
--- a/sys/dev/netmap/netmap_freebsd.c
+++ b/sys/dev/netmap/netmap_freebsd.c
@@ -663,6 +663,7 @@ nm_os_vi_detach(struct ifnet *ifp)
 
 #ifdef WITH_EXTMEM
 #include <vm/vm_map.h>
+#include <vm/vm_extern.h>
 #include <vm/vm_kern.h>
 struct nm_os_extmem {
 	vm_object_t obj;
@@ -725,17 +726,18 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			&obj, &index, &prot, &wired);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("address %lx not found", p);
+		error = vm_mmap_to_errno(rv);
 		goto out_free;
 	}
+	vm_object_reference(obj);
+
 	/* check that we are given the whole vm_object ? */
 	vm_map_lookup_done(map, entry);
 
-	// XXX can we really use obj after releasing the map lock?
 	e->obj = obj;
-	vm_object_reference(obj);
-	/* wire the memory and add the vm_object to the kernel map,
-	 * to make sure that it is not fred even if the processes that
-	 * are mmap()ing it all exit
+	/* Wire the memory and add the vm_object to the kernel map,
+	 * to make sure that it is not freed even if all the processes
+	 * that are mmap()ing should munmap() it.
 	 */
 	e->kva = vm_map_min(kernel_map);
 	e->size = obj->size << PAGE_SHIFT;
@@ -744,12 +746,14 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			VM_PROT_READ | VM_PROT_WRITE, 0);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_find(%zx) failed", (size_t)e->size);
+		error = vm_mmap_to_errno(rv);
 		goto out_rel;
 	}
 	rv = vm_map_wire(kernel_map, e->kva, e->kva + e->size,
 			VM_MAP_WIRE_SYSTEM | VM_MAP_WIRE_NOHOLES);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_wire failed");
+		error = vm_mmap_to_errno(rv);
 		goto out_rem;
 	}
 
@@ -759,9 +763,9 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 
 out_rem:
 	vm_map_remove(kernel_map, e->kva, e->kva + e->size);
-	e->obj = NULL;
 out_rel:
 	vm_object_deallocate(e->obj);
+	e->obj = NULL;
 out_free:
 	nm_os_free(e);
 out:

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 21:20:15 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 655475BC850;
 Tue, 23 Mar 2021 21:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4kmH2MJ8z4TXF;
 Tue, 23 Mar 2021 21:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3982F27FB7;
 Tue, 23 Mar 2021 21:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NLKFun056277;
 Tue, 23 Mar 2021 21:20:15 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NLKFig056271;
 Tue, 23 Mar 2021 21:20:15 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 21:20:15 GMT
Message-Id: <202103232120.12NLKFig056271@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Vincenzo Maffione <vmaffione@FreeBSD.org>
Subject: git: e36c2f704635 - stable/11 - netmap: fix issues in
 nm_os_extmem_create()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vmaffione
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/11
X-Git-Reftype: branch
X-Git-Commit: e36c2f704635a101e993fa2d1890bd44c33ebcdd
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 21:20:15 -0000

The branch stable/11 has been updated by vmaffione:

URL: https://cgit.FreeBSD.org/src/commit/?id=e36c2f704635a101e993fa2d1890bd44c33ebcdd

commit e36c2f704635a101e993fa2d1890bd44c33ebcdd
Author:     Vincenzo Maffione <vmaffione@FreeBSD.org>
AuthorDate: 2021-03-20 17:15:50 +0000
Commit:     Vincenzo Maffione <vmaffione@FreeBSD.org>
CommitDate: 2021-03-23 21:19:46 +0000

    netmap: fix issues in nm_os_extmem_create()
    
    - Call vm_object_reference() before vm_map_lookup_done().
    - Use vm_mmap_to_errno() to convert vm_map_* return values to errno.
    - Fix memory leak of e->obj.
    
    Reported by:    markj
    Reviewed by:    markj
    MFC after:      1 week
    
    (cherry picked from commit ee7ffaa2e6e08b63efb4673610875d40964d5058)
---
 sys/dev/netmap/netmap_freebsd.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/sys/dev/netmap/netmap_freebsd.c b/sys/dev/netmap/netmap_freebsd.c
index ec9c565da379..c6a89229b8f3 100644
--- a/sys/dev/netmap/netmap_freebsd.c
+++ b/sys/dev/netmap/netmap_freebsd.c
@@ -661,6 +661,7 @@ nm_os_vi_detach(struct ifnet *ifp)
 
 #ifdef WITH_EXTMEM
 #include <vm/vm_map.h>
+#include <vm/vm_extern.h>
 #include <vm/vm_kern.h>
 struct nm_os_extmem {
 	vm_object_t obj;
@@ -723,17 +724,18 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			&obj, &index, &prot, &wired);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("address %lx not found", p);
+		error = vm_mmap_to_errno(rv);
 		goto out_free;
 	}
+	vm_object_reference(obj);
+
 	/* check that we are given the whole vm_object ? */
 	vm_map_lookup_done(map, entry);
 
-	// XXX can we really use obj after releasing the map lock?
 	e->obj = obj;
-	vm_object_reference(obj);
-	/* wire the memory and add the vm_object to the kernel map,
-	 * to make sure that it is not fred even if the processes that
-	 * are mmap()ing it all exit
+	/* Wire the memory and add the vm_object to the kernel map,
+	 * to make sure that it is not freed even if all the processes
+	 * that are mmap()ing should munmap() it.
 	 */
 	e->kva = vm_map_min(kernel_map);
 	e->size = obj->size << PAGE_SHIFT;
@@ -742,12 +744,14 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			VM_PROT_READ | VM_PROT_WRITE, 0);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_find(%zx) failed", (size_t)e->size);
+		error = vm_mmap_to_errno(rv);
 		goto out_rel;
 	}
 	rv = vm_map_wire(kernel_map, e->kva, e->kva + e->size,
 			VM_MAP_WIRE_SYSTEM | VM_MAP_WIRE_NOHOLES);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_wire failed");
+		error = vm_mmap_to_errno(rv);
 		goto out_rem;
 	}
 
@@ -757,9 +761,9 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 
 out_rem:
 	vm_map_remove(kernel_map, e->kva, e->kva + e->size);
-	e->obj = NULL;
 out_rel:
 	vm_object_deallocate(e->obj);
+	e->obj = NULL;
 out_free:
 	nm_os_free(e);
 out:

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 22:00:19 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9C4BE5BDF0A;
 Tue, 23 Mar 2021 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4lfW428lz4X8X;
 Tue, 23 Mar 2021 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7D451279;
 Tue, 23 Mar 2021 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NM0JYi014696;
 Tue, 23 Mar 2021 22:00:19 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NM0Jah014687;
 Tue, 23 Mar 2021 22:00:19 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 22:00:19 GMT
Message-Id: <202103232200.12NM0Jah014687@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Brandon Bergren <bdragon@FreeBSD.org>
Subject: git: 064f09616c67 - releng/13.0 - [PowerPC64] Fix multiple issues in
 fpsetmask().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: bdragon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 064f09616c6745e96321313a6bebe0872f242eac
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 22:00:19 -0000

The branch releng/13.0 has been updated by bdragon:

URL: https://cgit.FreeBSD.org/src/commit/?id=064f09616c6745e96321313a6bebe0872f242eac

commit 064f09616c6745e96321313a6bebe0872f242eac
Author:     Brandon Bergren <bdragon@FreeBSD.org>
AuthorDate: 2021-03-01 02:35:53 +0000
Commit:     Brandon Bergren <bdragon@FreeBSD.org>
CommitDate: 2021-03-23 21:50:14 +0000

    [PowerPC64] Fix multiple issues in fpsetmask().
    
    Building R exposed a problem in fpsetmask() whereby we were not properly
    clamping the provided mask to the valid range.
    
    R initilizes the mask by calling fpsetmask(~0) on FreeBSD. Since we
    recently enabled precise exceptions, this was causing an immediate
    SIGFPE because we were attempting to set invalid bits in the fpscr.
    
    Properly limit the range of bits that can be set via fpsetmask().
    
    While here, use the correct fp_except_t type instead of fp_rnd_t.
    
    Reported by:    pkubaj (in IRC)
    Sponsored by:   Tag1 Consulting, Inc.
    Approved by:    re (gjb) (Post-RC3 outstanding request approved for RC4)
    
    (cherry picked from commit dd95b39235dd81c890aa3cce02a5bb7f91f23803)
    (cherry picked from commit a79735386c46298274d71577ab6b4dd00be261cc)
---
 lib/libc/powerpc64/gen/fpsetmask.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/libc/powerpc64/gen/fpsetmask.c b/lib/libc/powerpc64/gen/fpsetmask.c
index 4d63552470be..f5d52eec5482 100644
--- a/lib/libc/powerpc64/gen/fpsetmask.c
+++ b/lib/libc/powerpc64/gen/fpsetmask.c
@@ -43,11 +43,11 @@ fp_except_t
 fpsetmask(fp_except_t mask)
 {
 	u_int64_t fpscr;
-	fp_rnd_t old;
+	fp_except_t old;
 
 	__asm__("mffs %0" : "=f"(fpscr));
-	old = (fp_rnd_t)((fpscr >> 3) & 0x1f);
-	fpscr = (fpscr & 0xffffff07) | (mask << 3);
+	old = (fp_except_t)((fpscr >> 3) & 0x1f);
+	fpscr = (fpscr & 0xffffff07) | ((mask & 0x1f) << 3);
 	__asm__ __volatile("mtfsf 0xff,%0" :: "f"(fpscr));
 	return (old);
 }

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 22:00:20 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BB3C05BDF12;
 Tue, 23 Mar 2021 22:00:20 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4lfX4xckz4XSL;
 Tue, 23 Mar 2021 22:00:20 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9C64827A;
 Tue, 23 Mar 2021 22:00:20 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NM0Kx9015171;
 Tue, 23 Mar 2021 22:00:20 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NM0Kau015168;
 Tue, 23 Mar 2021 22:00:20 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 22:00:20 GMT
Message-Id: <202103232200.12NM0Kau015168@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Brandon Bergren <bdragon@FreeBSD.org>
Subject: git: a9c7d90862ef - releng/13.0 - [PowerPC] [PowerPCSPE] Fix multiple
 issues in fpsetmask().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: bdragon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: a9c7d90862ef1214f5d9c4455d4519eec3a34570
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 22:00:20 -0000

The branch releng/13.0 has been updated by bdragon:

URL: https://cgit.FreeBSD.org/src/commit/?id=a9c7d90862ef1214f5d9c4455d4519eec3a34570

commit a9c7d90862ef1214f5d9c4455d4519eec3a34570
Author:     Brandon Bergren <bdragon@FreeBSD.org>
AuthorDate: 2021-03-01 03:06:59 +0000
Commit:     Brandon Bergren <bdragon@FreeBSD.org>
CommitDate: 2021-03-23 21:59:28 +0000

    [PowerPC] [PowerPCSPE] Fix multiple issues in fpsetmask().
    
    Building R on powerpc64 exposed a problem in fpsetmask() whereby we
    were not properly clamping the provided mask to the valid range.
    
    This same issue affects powerpc and powerpcspe.
    
    Properly limit the range of bits that can be set via fpsetmask().
    
    While here, use the correct fp_except_t type instead of fp_rnd_t.
    
    Reported by:    pkubaj, jhibbits (in IRC)
    Sponsored by:   Tag1 Consulting, Inc.
    Approved by:    re (gjb) (Post-RC3 outstanding request approved for RC4)
    
    (cherry picked from commit 384ee7cc6e9e4ddc91a6e9e623fcbbe5826bce38)
    (cherry picked from commit 8b96d6ac04e7e761ec6b9eff47c801a2b89fbd6d)
---
 lib/libc/powerpc/gen/fpsetmask.c    | 6 +++---
 lib/libc/powerpcspe/gen/fpsetmask.c | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/libc/powerpc/gen/fpsetmask.c b/lib/libc/powerpc/gen/fpsetmask.c
index 4d63552470be..f5d52eec5482 100644
--- a/lib/libc/powerpc/gen/fpsetmask.c
+++ b/lib/libc/powerpc/gen/fpsetmask.c
@@ -43,11 +43,11 @@ fp_except_t
 fpsetmask(fp_except_t mask)
 {
 	u_int64_t fpscr;
-	fp_rnd_t old;
+	fp_except_t old;
 
 	__asm__("mffs %0" : "=f"(fpscr));
-	old = (fp_rnd_t)((fpscr >> 3) & 0x1f);
-	fpscr = (fpscr & 0xffffff07) | (mask << 3);
+	old = (fp_except_t)((fpscr >> 3) & 0x1f);
+	fpscr = (fpscr & 0xffffff07) | ((mask & 0x1f) << 3);
 	__asm__ __volatile("mtfsf 0xff,%0" :: "f"(fpscr));
 	return (old);
 }
diff --git a/lib/libc/powerpcspe/gen/fpsetmask.c b/lib/libc/powerpcspe/gen/fpsetmask.c
index e71b822d6e0b..2f48802d9ca3 100644
--- a/lib/libc/powerpcspe/gen/fpsetmask.c
+++ b/lib/libc/powerpcspe/gen/fpsetmask.c
@@ -42,11 +42,11 @@ fp_except_t
 fpsetmask(fp_except_t mask)
 {
 	uint32_t fpscr;
-	fp_rnd_t old;
+	fp_except_t old;
 
 	__asm__ __volatile("mfspr %0, %1" : "=r"(fpscr) : "K"(SPR_SPEFSCR));
-	old = (fp_rnd_t)((fpscr >> 2) & 0x1f);
-	fpscr = (fpscr & 0xffffff83) | (mask << 2);
+	old = (fp_except_t)((fpscr >> 2) & 0x1f);
+	fpscr = (fpscr & 0xffffff83) | ((mask & 0x1f) << 2);
 	__asm__ __volatile("mtspr %1,%0;isync" :: "r"(fpscr), "K"(SPR_SPEFSCR));
 	return (old);
 }

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 22:04:46 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6435F5BE1A9;
 Tue, 23 Mar 2021 22:04:46 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4llf2P20z4XnT;
 Tue, 23 Mar 2021 22:04:46 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 45323B17;
 Tue, 23 Mar 2021 22:04:46 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NM4k4i020229;
 Tue, 23 Mar 2021 22:04:46 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NM4kn5020228;
 Tue, 23 Mar 2021 22:04:46 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 22:04:46 GMT
Message-Id: <202103232204.12NM4kn5020228@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Vincenzo Maffione <vmaffione@FreeBSD.org>
Subject: git: f7e3976ed033 - releng/13.0 - netmap: fix memory leak in
 NETMAP_REQ_PORT_INFO_GET
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vmaffione
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: f7e3976ed0336b338ae83cfaef68ef5094532040
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 22:04:46 -0000

The branch releng/13.0 has been updated by vmaffione:

URL: https://cgit.FreeBSD.org/src/commit/?id=f7e3976ed0336b338ae83cfaef68ef5094532040

commit f7e3976ed0336b338ae83cfaef68ef5094532040
Author:     Vincenzo Maffione <vmaffione@FreeBSD.org>
AuthorDate: 2021-03-15 17:39:18 +0000
Commit:     Vincenzo Maffione <vmaffione@FreeBSD.org>
CommitDate: 2021-03-23 22:04:29 +0000

    netmap: fix memory leak in NETMAP_REQ_PORT_INFO_GET
    
    The netmap_ioctl() function has a reference counting bug in case of
    NETMAP_REQ_PORT_INFO_GET command. When `hdr->nr_name[0] == '\0'`,
    the function does not decrease the refcount of "nmd", which is
    increased by netmap_mem_find(), causing a refcount leak.
    
    Approved by:    re (gjb)
    Reported by:    Xiyu Yang <sherllyyang00@gmail.com>
    Submitted by:   Carl Smith <carl.smith@alliedtelesis.co.nz>
    MFC after: 3 days
    PR:     254311
    
    (cherry picked from commit 0ab5902e8ad93d0a9341dcce386b6c571ee02173)
    (cherry picked from commit 120a4bd4e9d05147a9774a2ca4b4eff48e062442)
---
 sys/dev/netmap/netmap.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sys/dev/netmap/netmap.c b/sys/dev/netmap/netmap.c
index b711e0d2497e..0bc723f6963d 100644
--- a/sys/dev/netmap/netmap.c
+++ b/sys/dev/netmap/netmap.c
@@ -2646,6 +2646,7 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data,
 		case NETMAP_REQ_PORT_INFO_GET: {
 			struct nmreq_port_info_get *req =
 				(struct nmreq_port_info_get *)(uintptr_t)hdr->nr_body;
+			int nmd_ref = 0;
 
 			NMG_LOCK();
 			do {
@@ -2687,6 +2688,7 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data,
 						error = EINVAL;
 						break;
 					}
+					nmd_ref = 1;
 				}
 
 				error = netmap_mem_get_info(nmd, &req->nr_memsize, &memflags,
@@ -2704,6 +2706,8 @@ netmap_ioctl(struct netmap_priv_d *priv, u_long cmd, caddr_t data,
 				req->nr_host_rx_rings = na->num_host_rx_rings;
 			} while (0);
 			netmap_unget_na(na, ifp);
+			if (nmd_ref)
+				netmap_mem_put(nmd);
 			NMG_UNLOCK();
 			break;
 		}

From owner-dev-commits-src-branches@freebsd.org  Tue Mar 23 22:05:32 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C3A795BE404;
 Tue, 23 Mar 2021 22:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4lmX5C3tz4YLl;
 Tue, 23 Mar 2021 22:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A58B7A9F;
 Tue, 23 Mar 2021 22:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12NM5Wg6020462;
 Tue, 23 Mar 2021 22:05:32 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12NM5Weg020461;
 Tue, 23 Mar 2021 22:05:32 GMT (envelope-from git)
Date: Tue, 23 Mar 2021 22:05:32 GMT
Message-Id: <202103232205.12NM5Weg020461@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Vincenzo Maffione <vmaffione@FreeBSD.org>
Subject: git: 4ec92bce4ece - releng/13.0 - netmap: fix issues in
 nm_os_extmem_create()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vmaffione
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 4ec92bce4ecea5fbd21757f1938ec1fd00d7de98
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 22:05:32 -0000

The branch releng/13.0 has been updated by vmaffione:

URL: https://cgit.FreeBSD.org/src/commit/?id=4ec92bce4ecea5fbd21757f1938ec1fd00d7de98

commit 4ec92bce4ecea5fbd21757f1938ec1fd00d7de98
Author:     Vincenzo Maffione <vmaffione@FreeBSD.org>
AuthorDate: 2021-03-20 17:15:50 +0000
Commit:     Vincenzo Maffione <vmaffione@FreeBSD.org>
CommitDate: 2021-03-23 22:05:01 +0000

    netmap: fix issues in nm_os_extmem_create()
    
    - Call vm_object_reference() before vm_map_lookup_done().
    - Use vm_mmap_to_errno() to convert vm_map_* return values to errno.
    - Fix memory leak of e->obj.
    
    Approved by:    re (gjb)
    Reported by:    markj
    Reviewed by:    markj
    MFC after:      1 week
    
    (cherry picked from commit ee7ffaa2e6e08b63efb4673610875d40964d5058)
    (cherry picked from commit 3e4127f8f2933029034ac618a0013f434cb4a420)
---
 sys/dev/netmap/netmap_freebsd.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/sys/dev/netmap/netmap_freebsd.c b/sys/dev/netmap/netmap_freebsd.c
index e37815dc88d5..2cedea4440fe 100644
--- a/sys/dev/netmap/netmap_freebsd.c
+++ b/sys/dev/netmap/netmap_freebsd.c
@@ -664,6 +664,7 @@ nm_os_vi_detach(struct ifnet *ifp)
 
 #ifdef WITH_EXTMEM
 #include <vm/vm_map.h>
+#include <vm/vm_extern.h>
 #include <vm/vm_kern.h>
 struct nm_os_extmem {
 	vm_object_t obj;
@@ -726,17 +727,18 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			&obj, &index, &prot, &wired);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("address %lx not found", p);
+		error = vm_mmap_to_errno(rv);
 		goto out_free;
 	}
+	vm_object_reference(obj);
+
 	/* check that we are given the whole vm_object ? */
 	vm_map_lookup_done(map, entry);
 
-	// XXX can we really use obj after releasing the map lock?
 	e->obj = obj;
-	vm_object_reference(obj);
-	/* wire the memory and add the vm_object to the kernel map,
-	 * to make sure that it is not fred even if the processes that
-	 * are mmap()ing it all exit
+	/* Wire the memory and add the vm_object to the kernel map,
+	 * to make sure that it is not freed even if all the processes
+	 * that are mmap()ing should munmap() it.
 	 */
 	e->kva = vm_map_min(kernel_map);
 	e->size = obj->size << PAGE_SHIFT;
@@ -745,12 +747,14 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 			VM_PROT_READ | VM_PROT_WRITE, 0);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_find(%zx) failed", (size_t)e->size);
+		error = vm_mmap_to_errno(rv);
 		goto out_rel;
 	}
 	rv = vm_map_wire(kernel_map, e->kva, e->kva + e->size,
 			VM_MAP_WIRE_SYSTEM | VM_MAP_WIRE_NOHOLES);
 	if (rv != KERN_SUCCESS) {
 		nm_prerr("vm_map_wire failed");
+		error = vm_mmap_to_errno(rv);
 		goto out_rem;
 	}
 
@@ -760,9 +764,9 @@ nm_os_extmem_create(unsigned long p, struct nmreq_pools_info *pi, int *perror)
 
 out_rem:
 	vm_map_remove(kernel_map, e->kva, e->kva + e->size);
-	e->obj = NULL;
 out_rel:
 	vm_object_deallocate(e->obj);
+	e->obj = NULL;
 out_free:
 	nm_os_free(e);
 out:

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 00:08:33 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B22B65790C0;
 Wed, 24 Mar 2021 00:08:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4pVT4fTSz4gWV;
 Wed, 24 Mar 2021 00:08:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8E02E1F5F;
 Wed, 24 Mar 2021 00:08:33 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O08X2L089180;
 Wed, 24 Mar 2021 00:08:33 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O08XL3089179;
 Wed, 24 Mar 2021 00:08:33 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 00:08:33 GMT
Message-Id: <202103240008.12O08XL3089179@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: f979a90f4209 - releng/13.0 - AArch64: Don't set
 flush-subnormals-to-zero flag on startup
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: f979a90f4209418a26d858ca97b1497985bda0a7
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 00:08:33 -0000

The branch releng/13.0 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=f979a90f4209418a26d858ca97b1497985bda0a7

commit f979a90f4209418a26d858ca97b1497985bda0a7
Author:     Alex Richardson <arichardson@FreeBSD.org>
AuthorDate: 2021-03-01 14:27:30 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-24 00:07:34 +0000

    AArch64: Don't set flush-subnormals-to-zero flag on startup
    
    This flag has been set on startup since 65618fdda0f272a823e6701966421bdca0efa301.
    However, This causes some of the math-related tests to fail as they report
    zero instead of a tiny number. This fixes at least
    /usr/tests/lib/msun/ldexp_test and possibly others.
    Additionally, setting this flag prevents printf() from printing subnormal
    numbers in decimal form.
    See also https://www.openwall.com/lists/musl/2021/02/26/1
    
    PR:             253847
    Reviewed By:    mmel
    Approved by:    re (gjb)
    Differential Revision: https://reviews.freebsd.org/D28938
    
    (cherry picked from commit 0e4ff0acbe80c547988bede738af2e227c7eb47c)
    (cherry picked from commit d37fb0e37814db8f76462b3b9f1fb0e6dfca6324)
---
 lib/libc/tests/stdio/printfloat_test.c | 35 +++++++++++++++++++++++++++++++++-
 sys/arm64/arm64/vm_machdep.c           |  2 +-
 2 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/lib/libc/tests/stdio/printfloat_test.c b/lib/libc/tests/stdio/printfloat_test.c
index 97629fb0d2b1..736ba1b493ef 100644
--- a/lib/libc/tests/stdio/printfloat_test.c
+++ b/lib/libc/tests/stdio/printfloat_test.c
@@ -50,7 +50,7 @@ smash_stack(void)
 {
 	static uint32_t junk = 0xdeadbeef;
 	uint32_t buf[512];
-	int i;
+	size_t i;
 
 	for (i = 0; i < sizeof(buf) / sizeof(buf[0]); i++)
 		buf[i] = junk;
@@ -370,6 +370,37 @@ ATF_TC_BODY(hexadecimal_rounding, tc)
 	testfmt("0x1.83p+0", "%.2a", 1.51);
 }
 
+ATF_TC_WITHOUT_HEAD(subnormal_double);
+ATF_TC_BODY(subnormal_double, tc)
+{
+	/* Regression test for https://bugs.freebsd.org/253847 */
+	double positive = __DBL_DENORM_MIN__;
+	testfmt("4.9406564584124654418e-324", "%20.20g", positive);
+	testfmt("4.9406564584124654418E-324", "%20.20G", positive);
+	testfmt("0x1p-1074", "%a", positive);
+	testfmt("0X1P-1074", "%A", positive);
+	double negative = -__DBL_DENORM_MIN__;
+	testfmt("-4.9406564584124654418e-324", "%20.20g", negative);
+	testfmt("-4.9406564584124654418E-324", "%20.20G", negative);
+	testfmt("-0x1p-1074", "%a", negative);
+	testfmt("-0X1P-1074", "%A", negative);
+}
+
+ATF_TC_WITHOUT_HEAD(subnormal_float);
+ATF_TC_BODY(subnormal_float, tc)
+{
+	float positive = __FLT_DENORM_MIN__;
+	testfmt("1.4012984643248170709e-45", "%20.20g", positive);
+	testfmt("1.4012984643248170709E-45", "%20.20G", positive);
+	testfmt("0x1p-149", "%a", positive);
+	testfmt("0X1P-149", "%A", positive);
+	float negative = -__FLT_DENORM_MIN__;
+	testfmt("-1.4012984643248170709e-45", "%20.20g", negative);
+	testfmt("-1.4012984643248170709E-45", "%20.20G", negative);
+	testfmt("-0x1p-149", "%a", negative);
+	testfmt("-0X1P-149", "%A", negative);
+}
+
 ATF_TP_ADD_TCS(tp)
 {
 
@@ -384,6 +415,8 @@ ATF_TP_ADD_TCS(tp)
 	ATF_TP_ADD_TC(tp, decimal_rounding);
 	ATF_TP_ADD_TC(tp, hexadecimal_floating_point);
 	ATF_TP_ADD_TC(tp, hexadecimal_rounding);
+	ATF_TP_ADD_TC(tp, subnormal_double);
+	ATF_TP_ADD_TC(tp, subnormal_float);
 
 	return (atf_no_error());
 }
diff --git a/sys/arm64/arm64/vm_machdep.c b/sys/arm64/arm64/vm_machdep.c
index 9e9b588c7db1..68ffcef57ac2 100644
--- a/sys/arm64/arm64/vm_machdep.c
+++ b/sys/arm64/arm64/vm_machdep.c
@@ -55,7 +55,7 @@ __FBSDID("$FreeBSD$");
 #include <machine/vfp.h>
 #endif
 
-uint32_t initial_fpcr = VFPCR_DN | VFPCR_FZ;
+uint32_t initial_fpcr = VFPCR_DN;
 
 #include <dev/psci/psci.h>
 

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 00:54:05 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2550D57B8D2;
 Wed, 24 Mar 2021 00:54:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4qW10d0Hz4l8p;
 Wed, 24 Mar 2021 00:54:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 085322BDA;
 Wed, 24 Mar 2021 00:54:05 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O0s4G9057649;
 Wed, 24 Mar 2021 00:54:04 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O0s4eQ057648;
 Wed, 24 Mar 2021 00:54:04 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 00:54:04 GMT
Message-Id: <202103240054.12O0s4eQ057648@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: 34e12e9a177a - stable/13 - MFC: Fix local-unbound setup for some
 IPv6 deployments.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 34e12e9a177a1d2386a855eb5a497f6f8a680180
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 00:54:05 -0000

The branch stable/13 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=34e12e9a177a1d2386a855eb5a497f6f8a680180

commit 34e12e9a177a1d2386a855eb5a497f6f8a680180
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 00:53:35 +0000

    MFC: Fix local-unbound setup for some IPv6 deployments.
    
    On behalf of:   des
    PR:             250984
    
    (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f)
---
 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh
index c51145cf2312..3be78339b0ba 100755
--- a/usr.sbin/unbound/setup/local-unbound-setup.sh
+++ b/usr.sbin/unbound/setup/local-unbound-setup.sh
@@ -66,7 +66,7 @@ bkext=$(date "+%Y%m%d.%H%M%S")
 RE_octet="([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"
 RE_ipv4="(${RE_octet}(\\.${RE_octet}){3})"
 RE_word="([0-9A-Fa-f]{1,4})"
-RE_ipv6="((${RE_word}:){1,}(:|(:${RE_word})*)|::1)"
+RE_ipv6="((${RE_word}:){1,}(:|${RE_word}?(:${RE_word})*)|::1)"
 RE_port="([1-9][0-9]{0,3}|[1-5][0-9]{4,4}|6([0-4][0-9]{3}|5([0-4][0-9]{2}|5([0-2][0-9]|3[0-5]))))"
 RE_dnsname="([0-9A-Za-z-]{1,}(\\.[0-9A-Za-z-]{1,})*\\.?)"
 RE_forward_addr="((${RE_ipv4}|${RE_ipv6})(@${RE_port})?)"

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 00:56:57 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9AC5457BB29;
 Wed, 24 Mar 2021 00:56:57 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4qZK3zz8z4lGG;
 Wed, 24 Mar 2021 00:56:57 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7BB9F2D5E;
 Wed, 24 Mar 2021 00:56:57 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O0uvVe058230;
 Wed, 24 Mar 2021 00:56:57 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O0uvnj058229;
 Wed, 24 Mar 2021 00:56:57 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 00:56:57 GMT
Message-Id: <202103240056.12O0uvnj058229@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: c6aa83342e5d - stable/13 - MFC: Fix post-start check when
 unbound.conf has moved.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c6aa83342e5deccc51f627fcb92ca083fe798a3b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 00:56:57 -0000

The branch stable/13 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=c6aa83342e5deccc51f627fcb92ca083fe798a3b

commit c6aa83342e5deccc51f627fcb92ca083fe798a3b
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:18:59 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 00:56:33 +0000

    MFC: Fix post-start check when unbound.conf has moved.
    
    On behalf of:   des
    Reported by:    phk@
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 409388cfac49a312034e9397c870e3f81ff90734)
---
 libexec/rc/rc.d/local_unbound | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/local_unbound b/libexec/rc/rc.d/local_unbound
index 858ef56dbc0d..19cb9a6c5c01 100755
--- a/libexec/rc/rc.d/local_unbound
+++ b/libexec/rc/rc.d/local_unbound
@@ -106,7 +106,7 @@ local_unbound_poststart()
 	local retry=5
 
 	echo -n "Waiting for nameserver to start..."
-	until "${command}-control" status | grep -q "is running" ; do
+	until "${command}-control" -c "${local_unbound_config}" status | grep -q "is running" ; do
 		if [ $((retry -= 1)) -eq 0 ] ; then
 			echo " giving up"
 			return 1

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 01:26:07 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9DC4A57C5D3;
 Wed, 24 Mar 2021 01:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4rCz44M4z4mVb;
 Wed, 24 Mar 2021 01:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7EA6A378D;
 Wed, 24 Mar 2021 01:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O1Q7Le000740;
 Wed, 24 Mar 2021 01:26:07 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O1Q7rl000739;
 Wed, 24 Mar 2021 01:26:07 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 01:26:07 GMT
Message-Id: <202103240126.12O1Q7rl000739@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: ed407c92e43f - stable/13 - nvme: Replace potentially long
 DELAY() with pause().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ed407c92e43f88652365c84dc54098a7ed479471
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 01:26:07 -0000

The branch stable/13 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=ed407c92e43f88652365c84dc54098a7ed479471

commit ed407c92e43f88652365c84dc54098a7ed479471
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2021-03-17 14:30:40 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2021-03-24 01:26:00 +0000

    nvme: Replace potentially long DELAY() with pause().
    
    In some cases like broken hardware nvme(4) may wait minutes for
    controller response before timeout.  Doing so in a tight spin loop
    made whole system unresponsive.
    
    Reviewed by:    imp
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D29309
    Sponsored by:   iXsystems, Inc.
    
    (cherry picked from commit 4fbbe523653b6d2a0186aca38224efcab941deaa)
---
 sys/dev/nvme/nvme_ctrlr.c | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/sys/dev/nvme/nvme_ctrlr.c b/sys/dev/nvme/nvme_ctrlr.c
index 351c6839a6f6..9f86e3a8c846 100644
--- a/sys/dev/nvme/nvme_ctrlr.c
+++ b/sys/dev/nvme/nvme_ctrlr.c
@@ -255,10 +255,9 @@ nvme_ctrlr_fail_req_task(void *arg, int pending)
 static int
 nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val)
 {
-	int ms_waited;
+	int timeout = ticks + (uint64_t)ctrlr->ready_timeout_in_ms * hz / 1000;
 	uint32_t csts;
 
-	ms_waited = 0;
 	while (1) {
 		csts = nvme_mmio_read_4(ctrlr, csts);
 		if (csts == NVME_GONE)		/* Hot unplug. */
@@ -266,12 +265,12 @@ nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val)
 		if (((csts >> NVME_CSTS_REG_RDY_SHIFT) & NVME_CSTS_REG_RDY_MASK)
 		    == desired_val)
 			break;
-		if (ms_waited++ > ctrlr->ready_timeout_in_ms) {
+		if (timeout - ticks < 0) {
 			nvme_printf(ctrlr, "controller ready did not become %d "
 			    "within %d ms\n", desired_val, ctrlr->ready_timeout_in_ms);
 			return (ENXIO);
 		}
-		DELAY(1000);
+		pause("nvmerdy", 1);
 	}
 
 	return (0);
@@ -410,7 +409,7 @@ nvme_ctrlr_hw_reset(struct nvme_controller *ctrlr)
 
 	nvme_ctrlr_disable_qpairs(ctrlr);
 
-	DELAY(100*1000);
+	pause("nvmehwreset", hz / 10);
 
 	err = nvme_ctrlr_disable(ctrlr);
 	if (err != 0)
@@ -1538,27 +1537,26 @@ nvme_ctrlr_shutdown(struct nvme_controller *ctrlr)
 {
 	uint32_t	cc;
 	uint32_t	csts;
-	int		ticks = 0, timeout;
+	int		timeout;
 
 	cc = nvme_mmio_read_4(ctrlr, cc);
 	cc &= ~(NVME_CC_REG_SHN_MASK << NVME_CC_REG_SHN_SHIFT);
 	cc |= NVME_SHN_NORMAL << NVME_CC_REG_SHN_SHIFT;
 	nvme_mmio_write_4(ctrlr, cc, cc);
 
-	timeout = ctrlr->cdata.rtd3e == 0 ? 5 * hz :
-	    ((uint64_t)ctrlr->cdata.rtd3e * hz + 999999) / 1000000;
+	timeout = ticks + (ctrlr->cdata.rtd3e == 0 ? 5 * hz :
+	    ((uint64_t)ctrlr->cdata.rtd3e * hz + 999999) / 1000000);
 	while (1) {
 		csts = nvme_mmio_read_4(ctrlr, csts);
 		if (csts == NVME_GONE)		/* Hot unplug. */
 			break;
 		if (NVME_CSTS_GET_SHST(csts) == NVME_SHST_COMPLETE)
 			break;
-		if (ticks++ > timeout) {
-			nvme_printf(ctrlr, "did not complete shutdown within"
-			    " %d ticks of notification\n", timeout);
+		if (timeout - ticks < 0) {
+			nvme_printf(ctrlr, "shutdown timeout\n");
 			break;
 		}
-		pause("nvme shn", 1);
+		pause("nvmeshut", 1);
 	}
 }
 
@@ -1635,7 +1633,7 @@ nvme_ctrlr_suspend(struct nvme_controller *ctrlr)
 	 */
 	nvme_ctrlr_delete_qpairs(ctrlr);
 	nvme_ctrlr_disable_qpairs(ctrlr);
-	DELAY(100*1000);
+	pause("nvmesusp", hz / 10);
 	nvme_ctrlr_shutdown(ctrlr);
 
 	return (0);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 01:27:06 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B76B957C4F4;
 Wed, 24 Mar 2021 01:27:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4rF64jcpz4msr;
 Wed, 24 Mar 2021 01:27:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 941E0378E;
 Wed, 24 Mar 2021 01:27:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O1R63f000988;
 Wed, 24 Mar 2021 01:27:06 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O1R6VS000987;
 Wed, 24 Mar 2021 01:27:06 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 01:27:06 GMT
Message-Id: <202103240127.12O1R6VS000987@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: d00a723a2a5c - stable/12 - nvme: Replace potentially long
 DELAY() with pause().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: d00a723a2a5c1cd686fdab4b6d9c5084705d7182
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 01:27:06 -0000

The branch stable/12 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=d00a723a2a5c1cd686fdab4b6d9c5084705d7182

commit d00a723a2a5c1cd686fdab4b6d9c5084705d7182
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2021-03-17 14:30:40 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2021-03-24 01:26:34 +0000

    nvme: Replace potentially long DELAY() with pause().
    
    In some cases like broken hardware nvme(4) may wait minutes for
    controller response before timeout.  Doing so in a tight spin loop
    made whole system unresponsive.
    
    Reviewed by:    imp
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D29309
    Sponsored by:   iXsystems, Inc.
    
    (cherry picked from commit 4fbbe523653b6d2a0186aca38224efcab941deaa)
---
 sys/dev/nvme/nvme_ctrlr.c | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/sys/dev/nvme/nvme_ctrlr.c b/sys/dev/nvme/nvme_ctrlr.c
index 9e4268d9f4b5..d011eec99722 100644
--- a/sys/dev/nvme/nvme_ctrlr.c
+++ b/sys/dev/nvme/nvme_ctrlr.c
@@ -224,10 +224,9 @@ nvme_ctrlr_fail_req_task(void *arg, int pending)
 static int
 nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val)
 {
-	int ms_waited;
+	int timeout = ticks + (uint64_t)ctrlr->ready_timeout_in_ms * hz / 1000;
 	uint32_t csts;
 
-	ms_waited = 0;
 	while (1) {
 		csts = nvme_mmio_read_4(ctrlr, csts);
 		if (csts == 0xffffffff)		/* Hot unplug. */
@@ -235,12 +234,12 @@ nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val)
 		if (((csts >> NVME_CSTS_REG_RDY_SHIFT) & NVME_CSTS_REG_RDY_MASK)
 		    == desired_val)
 			break;
-		if (ms_waited++ > ctrlr->ready_timeout_in_ms) {
+		if (timeout - ticks < 0) {
 			nvme_printf(ctrlr, "controller ready did not become %d "
 			    "within %d ms\n", desired_val, ctrlr->ready_timeout_in_ms);
 			return (ENXIO);
 		}
-		DELAY(1000);
+		pause("nvmerdy", 1);
 	}
 
 	return (0);
@@ -379,7 +378,7 @@ nvme_ctrlr_hw_reset(struct nvme_controller *ctrlr)
 
 	nvme_ctrlr_disable_qpairs(ctrlr);
 
-	DELAY(100*1000);
+	pause("nvmehwreset", hz / 10);
 
 	err = nvme_ctrlr_disable(ctrlr);
 	if (err != 0)
@@ -1514,27 +1513,26 @@ nvme_ctrlr_shutdown(struct nvme_controller *ctrlr)
 {
 	uint32_t	cc;
 	uint32_t	csts;
-	int		ticks = 0, timeout;
+	int		timeout;
 
 	cc = nvme_mmio_read_4(ctrlr, cc);
 	cc &= ~(NVME_CC_REG_SHN_MASK << NVME_CC_REG_SHN_SHIFT);
 	cc |= NVME_SHN_NORMAL << NVME_CC_REG_SHN_SHIFT;
 	nvme_mmio_write_4(ctrlr, cc, cc);
 
-	timeout = ctrlr->cdata.rtd3e == 0 ? 5 * hz :
-	    ((uint64_t)ctrlr->cdata.rtd3e * hz + 999999) / 1000000;
+	timeout = ticks + (ctrlr->cdata.rtd3e == 0 ? 5 * hz :
+	    ((uint64_t)ctrlr->cdata.rtd3e * hz + 999999) / 1000000);
 	while (1) {
 		csts = nvme_mmio_read_4(ctrlr, csts);
 		if (csts == 0xffffffff)		/* Hot unplug. */
 			break;
 		if (NVME_CSTS_GET_SHST(csts) == NVME_SHST_COMPLETE)
 			break;
-		if (ticks++ > timeout) {
-			nvme_printf(ctrlr, "did not complete shutdown within"
-			    " %d ticks of notification\n", timeout);
+		if (timeout - ticks < 0) {
+			nvme_printf(ctrlr, "shutdown timeout\n");
 			break;
 		}
-		pause("nvme shn", 1);
+		pause("nvmeshut", 1);
 	}
 }
 
@@ -1611,7 +1609,7 @@ nvme_ctrlr_suspend(struct nvme_controller *ctrlr)
 	 */
 	nvme_ctrlr_delete_qpairs(ctrlr);
 	nvme_ctrlr_disable_qpairs(ctrlr);
-	DELAY(100*1000);
+	pause("nvmesusp", hz / 10);
 	nvme_ctrlr_shutdown(ctrlr);
 
 	return (0);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 01:49:17 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AAFDF57D1AB;
 Wed, 24 Mar 2021 01:49:17 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4rkj4TQ9z4p34;
 Wed, 24 Mar 2021 01:49:17 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 882ED34CE;
 Wed, 24 Mar 2021 01:49:17 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O1nH4o029512;
 Wed, 24 Mar 2021 01:49:17 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O1nHZV029511;
 Wed, 24 Mar 2021 01:49:17 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 01:49:17 GMT
Message-Id: <202103240149.12O1nHZV029511@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: e011488bae5a - releng/13.0 - MFC: Fix local-unbound setup for
 some IPv6 deployments.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: e011488bae5ae688a839e77b77e15f2231a5c148
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 01:49:17 -0000

The branch releng/13.0 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=e011488bae5ae688a839e77b77e15f2231a5c148

commit e011488bae5ae688a839e77b77e15f2231a5c148
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 01:47:57 +0000

    MFC: Fix local-unbound setup for some IPv6 deployments.
    
    On behalf of:   des
    PR:             250984
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Approved by:    re (cperciva)
    
    (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f)
    (cherry picked from commit 34e12e9a177a1d2386a855eb5a497f6f8a680180)
---
 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh
index c51145cf2312..3be78339b0ba 100755
--- a/usr.sbin/unbound/setup/local-unbound-setup.sh
+++ b/usr.sbin/unbound/setup/local-unbound-setup.sh
@@ -66,7 +66,7 @@ bkext=$(date "+%Y%m%d.%H%M%S")
 RE_octet="([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"
 RE_ipv4="(${RE_octet}(\\.${RE_octet}){3})"
 RE_word="([0-9A-Fa-f]{1,4})"
-RE_ipv6="((${RE_word}:){1,}(:|(:${RE_word})*)|::1)"
+RE_ipv6="((${RE_word}:){1,}(:|${RE_word}?(:${RE_word})*)|::1)"
 RE_port="([1-9][0-9]{0,3}|[1-5][0-9]{4,4}|6([0-4][0-9]{3}|5([0-4][0-9]{2}|5([0-2][0-9]|3[0-5]))))"
 RE_dnsname="([0-9A-Za-z-]{1,}(\\.[0-9A-Za-z-]{1,})*\\.?)"
 RE_forward_addr="((${RE_ipv4}|${RE_ipv6})(@${RE_port})?)"

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 01:49:18 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BECB657D1AC;
 Wed, 24 Mar 2021 01:49:18 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F4rkk52KHz4p36;
 Wed, 24 Mar 2021 01:49:18 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9F99F34CF;
 Wed, 24 Mar 2021 01:49:18 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O1nIFT029533;
 Wed, 24 Mar 2021 01:49:18 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O1nIPN029532;
 Wed, 24 Mar 2021 01:49:18 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 01:49:18 GMT
Message-Id: <202103240149.12O1nIPN029532@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: 4f5b454509ab - releng/13.0 - MFC: Fix post-start check when
 unbound.conf has moved.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 4f5b454509ab4f1b56a2c9456097ba18baff6609
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 01:49:18 -0000

The branch releng/13.0 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=4f5b454509ab4f1b56a2c9456097ba18baff6609

commit 4f5b454509ab4f1b56a2c9456097ba18baff6609
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:18:59 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 01:48:42 +0000

    MFC: Fix post-start check when unbound.conf has moved.
    
    On behalf of:   des
    Reported by:    phk@
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Approved by:    re (cperciva)
    
    (cherry picked from commit 409388cfac49a312034e9397c870e3f81ff90734)
    (cherry picked from commit c6aa83342e5deccc51f627fcb92ca083fe798a3b)
---
 libexec/rc/rc.d/local_unbound | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/local_unbound b/libexec/rc/rc.d/local_unbound
index 858ef56dbc0d..19cb9a6c5c01 100755
--- a/libexec/rc/rc.d/local_unbound
+++ b/libexec/rc/rc.d/local_unbound
@@ -106,7 +106,7 @@ local_unbound_poststart()
 	local retry=5
 
 	echo -n "Waiting for nameserver to start..."
-	until "${command}-control" status | grep -q "is running" ; do
+	until "${command}-control" -c "${local_unbound_config}" status | grep -q "is running" ; do
 		if [ $((retry -= 1)) -eq 0 ] ; then
 			echo " giving up"
 			return 1

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 07:57:06 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2A6BF5AD4BF;
 Wed, 24 Mar 2021 07:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F50v60hdkz3PsX;
 Wed, 24 Mar 2021 07:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0A6B110C82;
 Wed, 24 Mar 2021 07:57:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O7v55O049329;
 Wed, 24 Mar 2021 07:57:05 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O7v5uk049328;
 Wed, 24 Mar 2021 07:57:05 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 07:57:05 GMT
Message-Id: <202103240757.12O7v5uk049328@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: ff2e2bca31a5 - stable/13 - MFC 1acf24a044aa: Implement
 pci_get_relaxed_ordering_enabled() helper function.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ff2e2bca31a53357e70781ab46dc63356c17ef95
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 07:57:06 -0000

The branch stable/13 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=ff2e2bca31a53357e70781ab46dc63356c17ef95

commit ff2e2bca31a53357e70781ab46dc63356c17ef95
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-16 15:06:42 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-24 07:54:52 +0000

    MFC 1acf24a044aa:
    Implement pci_get_relaxed_ordering_enabled() helper function.
    
    Discussed with: kib@
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit 1acf24a044aaa0391c61af4abe7e018c3bf8a37c)
---
 sys/dev/pci/pci.c    | 15 +++++++++++++++
 sys/dev/pci/pcivar.h |  1 +
 2 files changed, 16 insertions(+)

diff --git a/sys/dev/pci/pci.c b/sys/dev/pci/pci.c
index 1ca128a48ad0..d85ce5baa7bc 100644
--- a/sys/dev/pci/pci.c
+++ b/sys/dev/pci/pci.c
@@ -2182,6 +2182,21 @@ pci_ht_map_msi(device_t dev, uint64_t addr)
 	}
 }
 
+int
+pci_get_relaxed_ordering_enabled(device_t dev)
+{
+	struct pci_devinfo *dinfo = device_get_ivars(dev);
+	int cap;
+	uint16_t val;
+
+	cap = dinfo->cfg.pcie.pcie_location;
+	if (cap == 0)
+		return (0);
+	val = pci_read_config(dev, cap + PCIER_DEVICE_CTL, 2);
+	val &= PCIEM_CTL_RELAXED_ORD_ENABLE;
+	return (val != 0);
+}
+
 int
 pci_get_max_payload(device_t dev)
 {
diff --git a/sys/dev/pci/pcivar.h b/sys/dev/pci/pcivar.h
index 0f04ca8f623c..74aa704635f7 100644
--- a/sys/dev/pci/pcivar.h
+++ b/sys/dev/pci/pcivar.h
@@ -677,6 +677,7 @@ int	pci_msix_device_blacklisted(device_t dev);
 void	pci_ht_map_msi(device_t dev, uint64_t addr);
 
 device_t pci_find_pcie_root_port(device_t dev);
+int	pci_get_relaxed_ordering_enabled(device_t dev);
 int	pci_get_max_payload(device_t dev);
 int	pci_get_max_read_req(device_t dev);
 void	pci_restore_state(device_t dev);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 08:00:49 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B9E065ADD6B;
 Wed, 24 Mar 2021 08:00:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F50zP4tyRz3QVb;
 Wed, 24 Mar 2021 08:00:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9AFC810A2A;
 Wed, 24 Mar 2021 08:00:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O80ndq059798;
 Wed, 24 Mar 2021 08:00:49 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O80nWR059797;
 Wed, 24 Mar 2021 08:00:49 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 08:00:49 GMT
Message-Id: <202103240800.12O80nWR059797@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Hans Petter Selasky <hselasky@FreeBSD.org>
Subject: git: 7cf565b2c5f0 - stable/12 - Implement
 pci_get_relaxed_ordering_enabled() helper function.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: hselasky
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 7cf565b2c5f0ed90eecd52b0fde8b81b746d662e
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 08:00:49 -0000

The branch stable/12 has been updated by hselasky:

URL: https://cgit.FreeBSD.org/src/commit/?id=7cf565b2c5f0ed90eecd52b0fde8b81b746d662e

commit 7cf565b2c5f0ed90eecd52b0fde8b81b746d662e
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2021-03-16 15:06:42 +0000
Commit:     Hans Petter Selasky <hselasky@FreeBSD.org>
CommitDate: 2021-03-24 07:59:58 +0000

    Implement pci_get_relaxed_ordering_enabled() helper function.
    
    Discussed with: kib@
    MFC after:      1 week
    Sponsored by:   Mellanox Technologies // NVIDIA Networking
    
    (cherry picked from commit 1acf24a044aaa0391c61af4abe7e018c3bf8a37c)
---
 sys/dev/pci/pci.c    | 15 +++++++++++++++
 sys/dev/pci/pcivar.h |  1 +
 2 files changed, 16 insertions(+)

diff --git a/sys/dev/pci/pci.c b/sys/dev/pci/pci.c
index 644336562a3b..f3a0309c5202 100644
--- a/sys/dev/pci/pci.c
+++ b/sys/dev/pci/pci.c
@@ -2160,6 +2160,21 @@ pci_ht_map_msi(device_t dev, uint64_t addr)
 	}
 }
 
+int
+pci_get_relaxed_ordering_enabled(device_t dev)
+{
+	struct pci_devinfo *dinfo = device_get_ivars(dev);
+	int cap;
+	uint16_t val;
+
+	cap = dinfo->cfg.pcie.pcie_location;
+	if (cap == 0)
+		return (0);
+	val = pci_read_config(dev, cap + PCIER_DEVICE_CTL, 2);
+	val &= PCIEM_CTL_RELAXED_ORD_ENABLE;
+	return (val != 0);
+}
+
 int
 pci_get_max_payload(device_t dev)
 {
diff --git a/sys/dev/pci/pcivar.h b/sys/dev/pci/pcivar.h
index 65f37a85edd7..b3126ad8dc51 100644
--- a/sys/dev/pci/pcivar.h
+++ b/sys/dev/pci/pcivar.h
@@ -670,6 +670,7 @@ int	pci_msix_device_blacklisted(device_t dev);
 void	pci_ht_map_msi(device_t dev, uint64_t addr);
 
 device_t pci_find_pcie_root_port(device_t dev);
+int	pci_get_relaxed_ordering_enabled(device_t dev);
 int	pci_get_max_payload(device_t dev);
 int	pci_get_max_read_req(device_t dev);
 void	pci_restore_state(device_t dev);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 08:58:21 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5FFFB5AFC6B;
 Wed, 24 Mar 2021 08:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F52Fn2Jg1z3kYy;
 Wed, 24 Mar 2021 08:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 421F71181D;
 Wed, 24 Mar 2021 08:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O8wL8K033152;
 Wed, 24 Mar 2021 08:58:21 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O8wLF4033151;
 Wed, 24 Mar 2021 08:58:21 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 08:58:21 GMT
Message-Id: <202103240858.12O8wLF4033151@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: 7b3ff601f904 - stable/13 - MFC
 eeb26cf52c4c51e1571253d57684c442aa79a98d:
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7b3ff601f90415ba3da62b910aa8ea14a54bfae3
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 08:58:21 -0000

The branch stable/13 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=7b3ff601f90415ba3da62b910aa8ea14a54bfae3

commit 7b3ff601f90415ba3da62b910aa8ea14a54bfae3
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2021-03-17 00:06:17 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2021-03-24 08:55:49 +0000

    MFC eeb26cf52c4c51e1571253d57684c442aa79a98d:
    
    wpa: import fix for P2P provision discovery processing vulnerability
    
    Latest version available from: https://w1.fi/security/2021-1/
    
    Vulnerability
    
    A vulnerability was discovered in how wpa_supplicant processes P2P
    (Wi-Fi Direct) provision discovery requests. Under a corner case
    condition, an invalid Provision Discovery Request frame could end up
    reaching a state where the oldest peer entry needs to be removed. With
    a suitably constructed invalid frame, this could result in use
    (read+write) of freed memory. This can result in an attacker within
    radio range of the device running P2P discovery being able to cause
    unexpected behavior, including termination of the wpa_supplicant process
    and potentially code execution.
    
    Vulnerable versions/configurations
    
    wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
    
    An attacker (or a system controlled by the attacker) needs to be within
    radio range of the vulnerable system to send a set of suitably
    constructed management frames that trigger the corner case to be reached
    in the management of the P2P peer table.
    
    Note: FreeBSD base does not enable P2P.
    (cherry picked from commit eeb26cf52c4c51e1571253d57684c442aa79a98d)
---
 contrib/wpa/src/p2p/p2p_pd.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/contrib/wpa/src/p2p/p2p_pd.c b/contrib/wpa/src/p2p/p2p_pd.c
index 3994ec03f86b..05fd593494ef 100644
--- a/contrib/wpa/src/p2p/p2p_pd.c
+++ b/contrib/wpa/src/p2p/p2p_pd.c
@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
 			goto out;
 		}
 
+		dev = p2p_get_device(p2p, sa);
 		if (!dev) {
-			dev = p2p_get_device(p2p, sa);
-			if (!dev) {
-				p2p_dbg(p2p,
-					"Provision Discovery device not found "
-					MACSTR, MAC2STR(sa));
-				goto out;
-			}
+			p2p_dbg(p2p,
+				"Provision Discovery device not found "
+				MACSTR, MAC2STR(sa));
+			goto out;
 		}
 	} else if (msg.wfd_subelems) {
 		wpabuf_free(dev->info.wfd_subelems);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 08:58:31 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E19E25B0017;
 Wed, 24 Mar 2021 08:58:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F52Fz3gLYz3kPy;
 Wed, 24 Mar 2021 08:58:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5D07511981;
 Wed, 24 Mar 2021 08:58:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O8wTer033276;
 Wed, 24 Mar 2021 08:58:29 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O8wTso033275;
 Wed, 24 Mar 2021 08:58:29 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 08:58:29 GMT
Message-Id: <202103240858.12O8wTso033275@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: 3c2224758fc0 - stable/12 - MFC
 eeb26cf52c4c51e1571253d57684c442aa79a98d:
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 3c2224758fc07c72da28c1a2359420c77e8e5d05
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 08:58:32 -0000

The branch stable/12 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=3c2224758fc07c72da28c1a2359420c77e8e5d05

commit 3c2224758fc07c72da28c1a2359420c77e8e5d05
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2021-03-17 00:06:17 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2021-03-24 08:57:11 +0000

    MFC eeb26cf52c4c51e1571253d57684c442aa79a98d:
    
    wpa: import fix for P2P provision discovery processing vulnerability
    
    Latest version available from: https://w1.fi/security/2021-1/
    
    Vulnerability
    
    A vulnerability was discovered in how wpa_supplicant processes P2P
    (Wi-Fi Direct) provision discovery requests. Under a corner case
    condition, an invalid Provision Discovery Request frame could end up
    reaching a state where the oldest peer entry needs to be removed. With
    a suitably constructed invalid frame, this could result in use
    (read+write) of freed memory. This can result in an attacker within
    radio range of the device running P2P discovery being able to cause
    unexpected behavior, including termination of the wpa_supplicant process
    and potentially code execution.
    
    Vulnerable versions/configurations
    
    wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
    
    An attacker (or a system controlled by the attacker) needs to be within
    radio range of the vulnerable system to send a set of suitably
    constructed management frames that trigger the corner case to be reached
    in the management of the P2P peer table.
    
    Note: FreeBSD base does not enable P2P.
    (cherry picked from commit eeb26cf52c4c51e1571253d57684c442aa79a98d)
---
 contrib/wpa/src/p2p/p2p_pd.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/contrib/wpa/src/p2p/p2p_pd.c b/contrib/wpa/src/p2p/p2p_pd.c
index 3994ec03f86b..05fd593494ef 100644
--- a/contrib/wpa/src/p2p/p2p_pd.c
+++ b/contrib/wpa/src/p2p/p2p_pd.c
@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
 			goto out;
 		}
 
+		dev = p2p_get_device(p2p, sa);
 		if (!dev) {
-			dev = p2p_get_device(p2p, sa);
-			if (!dev) {
-				p2p_dbg(p2p,
-					"Provision Discovery device not found "
-					MACSTR, MAC2STR(sa));
-				goto out;
-			}
+			p2p_dbg(p2p,
+				"Provision Discovery device not found "
+				MACSTR, MAC2STR(sa));
+			goto out;
 		}
 	} else if (msg.wfd_subelems) {
 		wpabuf_free(dev->info.wfd_subelems);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 08:58:46 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E6B455AFF18;
 Wed, 24 Mar 2021 08:58:46 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F52GG1vFvz3kXq;
 Wed, 24 Mar 2021 08:58:45 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 959A711567;
 Wed, 24 Mar 2021 08:58:45 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12O8wjwF033420;
 Wed, 24 Mar 2021 08:58:45 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12O8wjdx033419;
 Wed, 24 Mar 2021 08:58:45 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 08:58:45 GMT
Message-Id: <202103240858.12O8wjdx033419@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: 98bb0d48c1d0 - stable/11 - wpa: import fix for P2P provision
 discovery processing vulnerability
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/11
X-Git-Reftype: branch
X-Git-Commit: 98bb0d48c1d07c221905d23ea00dfb1c5b97207b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 08:58:47 -0000

The branch stable/11 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=98bb0d48c1d07c221905d23ea00dfb1c5b97207b

commit 98bb0d48c1d07c221905d23ea00dfb1c5b97207b
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2021-03-17 00:06:17 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2021-03-24 08:57:20 +0000

    wpa: import fix for P2P provision discovery processing vulnerability
    
    Latest version available from: https://w1.fi/security/2021-1/
    
    Vulnerability
    
    A vulnerability was discovered in how wpa_supplicant processes P2P
    (Wi-Fi Direct) provision discovery requests. Under a corner case
    condition, an invalid Provision Discovery Request frame could end up
    reaching a state where the oldest peer entry needs to be removed. With
    a suitably constructed invalid frame, this could result in use
    (read+write) of freed memory. This can result in an attacker within
    radio range of the device running P2P discovery being able to cause
    unexpected behavior, including termination of the wpa_supplicant process
    and potentially code execution.
    
    Vulnerable versions/configurations
    
    wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
    
    An attacker (or a system controlled by the attacker) needs to be within
    radio range of the vulnerable system to send a set of suitably
    constructed management frames that trigger the corner case to be reached
    in the management of the P2P peer table.
    
    Note: FreeBSD base does not enable P2P.
    (cherry picked from commit eeb26cf52c4c51e1571253d57684c442aa79a98d)
---
 contrib/wpa/src/p2p/p2p_pd.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/contrib/wpa/src/p2p/p2p_pd.c b/contrib/wpa/src/p2p/p2p_pd.c
index 3994ec03f86b..05fd593494ef 100644
--- a/contrib/wpa/src/p2p/p2p_pd.c
+++ b/contrib/wpa/src/p2p/p2p_pd.c
@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
 			goto out;
 		}
 
+		dev = p2p_get_device(p2p, sa);
 		if (!dev) {
-			dev = p2p_get_device(p2p, sa);
-			if (!dev) {
-				p2p_dbg(p2p,
-					"Provision Discovery device not found "
-					MACSTR, MAC2STR(sa));
-				goto out;
-			}
+			p2p_dbg(p2p,
+				"Provision Discovery device not found "
+				MACSTR, MAC2STR(sa));
+			goto out;
 		}
 	} else if (msg.wfd_subelems) {
 		wpabuf_free(dev->info.wfd_subelems);

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 13:33:40 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5E43E5B6223;
 Wed, 24 Mar 2021 13:33:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F58MS1yXdz4VBW;
 Wed, 24 Mar 2021 13:33:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 35F2414FB6;
 Wed, 24 Mar 2021 13:33:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12ODXeYm024945;
 Wed, 24 Mar 2021 13:33:40 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12ODXeYY024944;
 Wed, 24 Mar 2021 13:33:40 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 13:33:40 GMT
Message-Id: <202103241333.12ODXeYY024944@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: e4bdf7ac2a32 - stable/13 - rtsold: Fix validation of RDNSS
 options
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: e4bdf7ac2a32ba1f2402e06360e476ec804210e7
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 13:33:40 -0000

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=e4bdf7ac2a32ba1f2402e06360e476ec804210e7

commit e4bdf7ac2a32ba1f2402e06360e476ec804210e7
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-21 18:18:10 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-24 13:27:59 +0000

    rtsold: Fix validation of RDNSS options
    
    The header specifies the size of the option in multiples of eight bytes.
    The option consists of an eight-byte header followed by one or more IPv6
    addresses, so the option is invalid if the size is not equal to 1+2n for
    some n>0.  Check this.
    
    The bug can cause random stack data to be formatted as an IPv6 address
    and passed to resolvconf(8), but a host able to trigger the bug may also
    specify arbitrary addresses this way.
    
    Reported by:    Q C <cq674350529@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 1af332a7d8f86b6fcc1f0f575fe5b06021b54f4c)
---
 usr.sbin/rtsold/rtsol.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/rtsold/rtsol.c b/usr.sbin/rtsold/rtsol.c
index 30027fc65ac9..76756bfd8393 100644
--- a/usr.sbin/rtsold/rtsol.c
+++ b/usr.sbin/rtsold/rtsol.c
@@ -363,13 +363,19 @@ rtsol_input(int sock)
 		case ND_OPT_RDNSS:
 			rdnss = (struct nd_opt_rdnss *)raoptp;
 
-			/* Optlen sanity check (Section 5.3.1 in RFC 6106) */
-			if (rdnss->nd_opt_rdnss_len < 3) {
+			/*
+			 * The option header is 8 bytes long and each address
+			 * occupies 16 bytes, so the option length must be
+			 * greater than or equal to 24 bytes and an odd multiple
+			 * of 8 bytes.  See section 5.1 in RFC 6106.
+			 */
+			if (rdnss->nd_opt_rdnss_len < 3 ||
+			    rdnss->nd_opt_rdnss_len % 2 == 0) {
 				warnmsg(LOG_INFO, __func__,
-		    			"too short RDNSS option"
-					"in RA from %s was ignored.",
-					inet_ntop(AF_INET6, &from.sin6_addr,
-					    ntopbuf, sizeof(ntopbuf)));
+				    "too short RDNSS option in RA from %s "
+				    "was ignored.",
+				inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
+				    sizeof(ntopbuf)));
 				break;
 			}
 

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 13:33:45 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7912D5B5FC7;
 Wed, 24 Mar 2021 13:33:45 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F58MY0YbMz4VKL;
 Wed, 24 Mar 2021 13:33:45 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DC3CC14FB7;
 Wed, 24 Mar 2021 13:33:44 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12ODXiaS025061;
 Wed, 24 Mar 2021 13:33:44 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12ODXiZn025060;
 Wed, 24 Mar 2021 13:33:44 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 13:33:44 GMT
Message-Id: <202103241333.12ODXiZn025060@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 7df4b83b80bc - stable/12 - rtsold: Fix validation of RDNSS
 options
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 7df4b83b80bc6e90a53acae60d69ce319ea05b65
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 13:33:47 -0000

The branch stable/12 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=7df4b83b80bc6e90a53acae60d69ce319ea05b65

commit 7df4b83b80bc6e90a53acae60d69ce319ea05b65
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-21 18:18:10 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-24 13:29:44 +0000

    rtsold: Fix validation of RDNSS options
    
    The header specifies the size of the option in multiples of eight bytes.
    The option consists of an eight-byte header followed by one or more IPv6
    addresses, so the option is invalid if the size is not equal to 1+2n for
    some n>0.  Check this.
    
    The bug can cause random stack data to be formatted as an IPv6 address
    and passed to resolvconf(8), but a host able to trigger the bug may also
    specify arbitrary addresses this way.
    
    Reported by:    Q C <cq674350529@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 1af332a7d8f86b6fcc1f0f575fe5b06021b54f4c)
---
 usr.sbin/rtsold/rtsol.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/rtsold/rtsol.c b/usr.sbin/rtsold/rtsol.c
index 30027fc65ac9..76756bfd8393 100644
--- a/usr.sbin/rtsold/rtsol.c
+++ b/usr.sbin/rtsold/rtsol.c
@@ -363,13 +363,19 @@ rtsol_input(int sock)
 		case ND_OPT_RDNSS:
 			rdnss = (struct nd_opt_rdnss *)raoptp;
 
-			/* Optlen sanity check (Section 5.3.1 in RFC 6106) */
-			if (rdnss->nd_opt_rdnss_len < 3) {
+			/*
+			 * The option header is 8 bytes long and each address
+			 * occupies 16 bytes, so the option length must be
+			 * greater than or equal to 24 bytes and an odd multiple
+			 * of 8 bytes.  See section 5.1 in RFC 6106.
+			 */
+			if (rdnss->nd_opt_rdnss_len < 3 ||
+			    rdnss->nd_opt_rdnss_len % 2 == 0) {
 				warnmsg(LOG_INFO, __func__,
-		    			"too short RDNSS option"
-					"in RA from %s was ignored.",
-					inet_ntop(AF_INET6, &from.sin6_addr,
-					    ntopbuf, sizeof(ntopbuf)));
+				    "too short RDNSS option in RA from %s "
+				    "was ignored.",
+				inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
+				    sizeof(ntopbuf)));
 				break;
 			}
 

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 13:33:50 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E7FE35B6095;
 Wed, 24 Mar 2021 13:33:50 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F58Mf1TXcz4Vdr;
 Wed, 24 Mar 2021 13:33:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C69B514DC9;
 Wed, 24 Mar 2021 13:33:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12ODXmGT025173;
 Wed, 24 Mar 2021 13:33:48 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12ODXm1B025172;
 Wed, 24 Mar 2021 13:33:48 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 13:33:48 GMT
Message-Id: <202103241333.12ODXm1B025172@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 31f8a7f31c86 - stable/11 - rtsold: Fix validation of RDNSS
 options
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/11
X-Git-Reftype: branch
X-Git-Commit: 31f8a7f31c8622833a7750de79617573f8e6a521
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 13:33:51 -0000

The branch stable/11 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=31f8a7f31c8622833a7750de79617573f8e6a521

commit 31f8a7f31c8622833a7750de79617573f8e6a521
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-21 18:18:10 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-24 13:31:36 +0000

    rtsold: Fix validation of RDNSS options
    
    The header specifies the size of the option in multiples of eight bytes.
    The option consists of an eight-byte header followed by one or more IPv6
    addresses, so the option is invalid if the size is not equal to 1+2n for
    some n>0.  Check this.
    
    The bug can cause random stack data to be formatted as an IPv6 address
    and passed to resolvconf(8), but a host able to trigger the bug may also
    specify arbitrary addresses this way.
    
    Reported by:    Q C <cq674350529@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 1af332a7d8f86b6fcc1f0f575fe5b06021b54f4c)
---
 usr.sbin/rtsold/rtsol.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/rtsold/rtsol.c b/usr.sbin/rtsold/rtsol.c
index 5324cce9de30..cce131f88f3a 100644
--- a/usr.sbin/rtsold/rtsol.c
+++ b/usr.sbin/rtsold/rtsol.c
@@ -416,13 +416,19 @@ rtsol_input(int s)
 		case ND_OPT_RDNSS:
 			rdnss = (struct nd_opt_rdnss *)raoptp;
 
-			/* Optlen sanity check (Section 5.3.1 in RFC 6106) */
-			if (rdnss->nd_opt_rdnss_len < 3) {
+			/*
+			 * The option header is 8 bytes long and each address
+			 * occupies 16 bytes, so the option length must be
+			 * greater than or equal to 24 bytes and an odd multiple
+			 * of 8 bytes.  See section 5.1 in RFC 6106.
+			 */
+			if (rdnss->nd_opt_rdnss_len < 3 ||
+			    rdnss->nd_opt_rdnss_len % 2 == 0) {
 				warnmsg(LOG_INFO, __func__,
-		    			"too short RDNSS option"
-					"in RA from %s was ignored.",
-					inet_ntop(AF_INET6, &from.sin6_addr,
-					    ntopbuf, sizeof(ntopbuf)));
+				    "too short RDNSS option in RA from %s "
+				    "was ignored.",
+				inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
+				    sizeof(ntopbuf)));
 				break;
 			}
 

From owner-dev-commits-src-branches@freebsd.org  Wed Mar 24 18:38:38 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B38EC5BC577;
 Wed, 24 Mar 2021 18:38:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5H7L4PDjz4q1K;
 Wed, 24 Mar 2021 18:38:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 89DD819012;
 Wed, 24 Mar 2021 18:38:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12OIccCB045561;
 Wed, 24 Mar 2021 18:38:38 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12OIccUw045560;
 Wed, 24 Mar 2021 18:38:38 GMT (envelope-from git)
Date: Wed, 24 Mar 2021 18:38:38 GMT
Message-Id: <202103241838.12OIccUw045560@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: db50c8123469 - stable/13 - arm64: implement COMPAT_FREEBSD32
 fill/set dbregs/fpregs
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: db50c8123469e3eab07e931019bf6d4df2d55c78
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 18:38:38 -0000

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=db50c8123469e3eab07e931019bf6d4df2d55c78

commit db50c8123469e3eab07e931019bf6d4df2d55c78
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2021-03-17 14:10:41 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-24 18:37:34 +0000

    arm64: implement COMPAT_FREEBSD32 fill/set dbregs/fpregs
    
    On FreeBSD/arm fill_fpregs, fill_dbregs are stubs that zero the reg
    struct and return success. set_fpregs and set_dbregs do nothing and
    return success.
    
    Provide the same implementation for arm64 COMPAT_FREEBSD32.
    
    Reviewed by:    andrew
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D29314
    
    (cherry picked from commit 5be27cbf16c85ce95d21db57349f61494f851821)
---
 sys/arm64/arm64/machdep.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c
index 91f0a31ebe36..c825c1a18c70 100644
--- a/sys/arm64/arm64/machdep.c
+++ b/sys/arm64/arm64/machdep.c
@@ -489,36 +489,35 @@ set_regs32(struct thread *td, struct reg32 *regs)
 	return (0);
 }
 
+/* XXX fill/set dbregs/fpregs are stubbed on 32-bit arm. */
 int
 fill_fpregs32(struct thread *td, struct fpreg32 *regs)
 {
 
-	printf("ARM64TODO: fill_fpregs32");
-	return (EDOOFUS);
+	memset(regs, 0, sizeof(*regs));
+	return (0);
 }
 
 int
 set_fpregs32(struct thread *td, struct fpreg32 *regs)
 {
 
-	printf("ARM64TODO: set_fpregs32");
-	return (EDOOFUS);
+	return (0);
 }
 
 int
 fill_dbregs32(struct thread *td, struct dbreg32 *regs)
 {
 
-	printf("ARM64TODO: fill_dbregs32");
-	return (EDOOFUS);
+	memset(regs, 0, sizeof(*regs));
+	return (0);
 }
 
 int
 set_dbregs32(struct thread *td, struct dbreg32 *regs)
 {
 
-	printf("ARM64TODO: set_dbregs32");
-	return (EDOOFUS);
+	return (0);
 }
 #endif
 

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 02:36:59 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D99FE5AC818;
 Thu, 25 Mar 2021 02:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5TlH5pXpz4R12;
 Thu, 25 Mar 2021 02:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BA3011F5BC;
 Thu, 25 Mar 2021 02:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12P2axCe017284;
 Thu, 25 Mar 2021 02:36:59 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12P2axof017283;
 Thu, 25 Mar 2021 02:36:59 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 02:36:59 GMT
Message-Id: <202103250236.12P2axof017283@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: a66e75d9e2dd - stable/13 - mn: report that this driver is
 removed in 14, not 13
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: a66e75d9e2ddd9a84f8de204438282a25bb1a954
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 02:36:59 -0000

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=a66e75d9e2ddd9a84f8de204438282a25bb1a954

commit a66e75d9e2ddd9a84f8de204438282a25bb1a954
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2021-03-25 02:35:38 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-25 02:35:38 +0000

    mn: report that this driver is removed in 14, not 13
---
 sys/dev/mn/if_mn.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/dev/mn/if_mn.c b/sys/dev/mn/if_mn.c
index bb329b24c24e..7c7699656743 100644
--- a/sys/dev/mn/if_mn.c
+++ b/sys/dev/mn/if_mn.c
@@ -1392,7 +1392,7 @@ mn_attach (device_t self)
 	default:
 		printf(" Rev 0x%x\n", sc->f54r->vstr);
 	}
-	gone_in_dev(self, 13, "sync serial (T1/E1) driver");
+	gone_in_dev(self, 14, "sync serial (T1/E1) driver");
 
 	if (ng_make_node_common(&mntypestruct, &sc->node) != 0) {
 		printf("ng_make_node_common failed\n");

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 02:39:15 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0F1035AC8ED;
 Thu, 25 Mar 2021 02:39:15 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5Tnt6zbsz4R5P;
 Thu, 25 Mar 2021 02:39:14 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E28761F277;
 Thu, 25 Mar 2021 02:39:14 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12P2dElc017542;
 Thu, 25 Mar 2021 02:39:14 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12P2dE0j017541;
 Thu, 25 Mar 2021 02:39:14 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 02:39:14 GMT
Message-Id: <202103250239.12P2dE0j017541@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 6acecf247f60 - stable/13 - mn: bump deprecation version to 14 in
 man page as well
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6acecf247f60fcd3ba9662d54c59fc7bd46fb67a
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 02:39:15 -0000

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=6acecf247f60fcd3ba9662d54c59fc7bd46fb67a

commit 6acecf247f60fcd3ba9662d54c59fc7bd46fb67a
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2021-03-25 02:37:33 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-25 02:38:49 +0000

    mn: bump deprecation version to 14 in man page as well
    
    Fixes: 66e75d9e2ddd ("mn: report that this driver is removed in 14, not 13")
---
 share/man/man4/mn.4 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/share/man/man4/mn.4 b/share/man/man4/mn.4
index f034a1b10d45..e67eb1e5284f 100644
--- a/share/man/man4/mn.4
+++ b/share/man/man4/mn.4
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 6, 2020
+.Dd March 24, 2021
 .Dt MN 4
 .Os
 .Sh NAME
@@ -37,7 +37,7 @@
 The
 .Nm
 driver is not present in
-.Fx 13.0
+.Fx 14.0
 and later.
 .Sh HARDWARE
 The

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 06:59:54 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 207625B1728;
 Thu, 25 Mar 2021 06:59:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5bZf0J97z4dgN;
 Thu, 25 Mar 2021 06:59:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id ED0E722A30;
 Thu, 25 Mar 2021 06:59:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12P6xrnr081907;
 Thu, 25 Mar 2021 06:59:53 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12P6xrhO081906;
 Thu, 25 Mar 2021 06:59:53 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 06:59:53 GMT
Message-Id: <202103250659.12P6xrhO081906@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Lawrence Stewart <lstewart@FreeBSD.org>
Subject: git: 828e6b5f5e30 - stable/13 - random(9): Restore historical [0,
 2^31-1] output range and related man documention.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: lstewart
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 828e6b5f5e30180d31edb8b4f3d84daaba703c42
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 06:59:54 -0000

The branch stable/13 has been updated by lstewart:

URL: https://cgit.FreeBSD.org/src/commit/?id=828e6b5f5e30180d31edb8b4f3d84daaba703c42

commit 828e6b5f5e30180d31edb8b4f3d84daaba703c42
Author:     Lawrence Stewart <lstewart@FreeBSD.org>
AuthorDate: 2021-03-24 04:25:49 +0000
Commit:     Lawrence Stewart <lstewart@FreeBSD.org>
CommitDate: 2021-03-25 06:57:02 +0000

    random(9): Restore historical [0,2^31-1] output range and related man documention.
    
    Commit SVN r364219 / Git 8a0edc914ffd changed random(9) to be a shim around
    prng32(9) and inadvertently caused random(9) to begin returning numbers in the
    range [0,2^32-1] instead of [0,2^31-1], where the latter has been the documented
    range for decades.
    
    The increased output range has been identified as the source of numerous bugs in
    code written against the historical output range e.g. ipfw "prob" rules and
    stats(3) are known to be affected, and a non-exhaustive audit of the tree
    identified other random(9) consumers which are also likely affected.
    
    As random(9) is deprecated and slated for eventual removal in 14.0, consumers
    should gradually be audited and migrated to prng(9).
    
    Submitted by:           Loic Prylli <lprylli@netflix.com>
    Obtained from:          Netflix
    Reviewed by:            cem, delphij, imp
    MFC after:              1 day
    MFC to:                 stable/13, releng/13.0
    Differential Revision:  https://reviews.freebsd.org/D29385
    
    (cherry picked from commit dbbf3e3f37d67d3eae0931855f8b62b9b299b80a)
---
 share/man/man9/random.9 | 25 ++++++++++++++-----------
 sys/libkern/random.c    |  2 +-
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/share/man/man9/random.9 b/share/man/man9/random.9
index fb5f2156df16..1c5f962b1363 100644
--- a/share/man/man9/random.9
+++ b/share/man/man9/random.9
@@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\" "
-.Dd December 26, 2019
+.Dd March 22, 2021
 .Dt RANDOM 9
 .Os
 .Sh NAME
@@ -132,17 +132,13 @@ If the function is interrupted before the random device is seeded, no data is
 returned.
 .Pp
 The deprecated
-.Xr random 9
-function will produce a sequence of pseudorandom numbers using a similar weak
-linear congruential generator as
-.Xr rand 3
-(the 1988 Park-Miller LCG).
+.Fn random
+function will return a 31-bit value.
 It is obsolete and scheduled to be removed in
-.Fx 13.0 .
-It is strongly advised that the
-.Xr random 9
-function not be used to generate random numbers.
-See
+.Fx 14.0 .
+Consider
+.Xr prng 9
+instead and see
 .Sx SECURITY CONSIDERATIONS .
 .Sh RETURN VALUES
 The
@@ -167,6 +163,13 @@ the number of bytes placed in
 .Fn read_random_uio
 returns zero when successful,
 otherwise an error code is returned.
+.Pp
+.Fn random
+returns numbers
+in the range from 0 to
+.if t 2\u\s731\s10\d\(mi1.
+.if n (2**31)\(mi1.
+
 .Sh ERRORS
 .Fn read_random_uio
 may fail if:
diff --git a/sys/libkern/random.c b/sys/libkern/random.c
index 23a8887fa49b..0bdfbc168409 100644
--- a/sys/libkern/random.c
+++ b/sys/libkern/random.c
@@ -45,5 +45,5 @@ __FBSDID("$FreeBSD$");
 u_long
 random(void)
 {
-	return (prng32());
+	return (prng32() & 0x7fffffff);
 }

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 07:04:39 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D75585B1A1D;
 Thu, 25 Mar 2021 07:04:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5bh75myKz4f3y;
 Thu, 25 Mar 2021 07:04:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B4DDD22EA4;
 Thu, 25 Mar 2021 07:04:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12P74du9095709;
 Thu, 25 Mar 2021 07:04:39 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12P74dNw095708;
 Thu, 25 Mar 2021 07:04:39 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 07:04:39 GMT
Message-Id: <202103250704.12P74dNw095708@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Lawrence Stewart <lstewart@FreeBSD.org>
Subject: git: 2a878f01f22f - releng/13.0 - random(9): Restore historical [0,
 2^31-1] output range and related man documention.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: lstewart
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 2a878f01f22fd7a238078305813e48597bbcbba0
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 07:04:39 -0000

The branch releng/13.0 has been updated by lstewart:

URL: https://cgit.FreeBSD.org/src/commit/?id=2a878f01f22fd7a238078305813e48597bbcbba0

commit 2a878f01f22fd7a238078305813e48597bbcbba0
Author:     Lawrence Stewart <lstewart@FreeBSD.org>
AuthorDate: 2021-03-24 04:25:49 +0000
Commit:     Lawrence Stewart <lstewart@FreeBSD.org>
CommitDate: 2021-03-25 07:00:55 +0000

    random(9): Restore historical [0,2^31-1] output range and related man documention.
    
    Commit SVN r364219 / Git 8a0edc914ffd changed random(9) to be a shim around
    prng32(9) and inadvertently caused random(9) to begin returning numbers in the
    range [0,2^32-1] instead of [0,2^31-1], where the latter has been the documented
    range for decades.
    
    The increased output range has been identified as the source of numerous bugs in
    code written against the historical output range e.g. ipfw "prob" rules and
    stats(3) are known to be affected, and a non-exhaustive audit of the tree
    identified other random(9) consumers which are also likely affected.
    
    As random(9) is deprecated and slated for eventual removal in 14.0, consumers
    should gradually be audited and migrated to prng(9).
    
    Submitted by:           Loic Prylli <lprylli@netflix.com>
    Obtained from:          Netflix
    Reviewed by:            cem, delphij, imp
    MFC after:              1 day
    MFC to:                 stable/13, releng/13.0
    Differential Revision:  https://reviews.freebsd.org/D29385
    Approved by:            re (delphij)
    
    (cherry picked from commit dbbf3e3f37d67d3eae0931855f8b62b9b299b80a)
---
 share/man/man9/random.9 | 25 ++++++++++++++-----------
 sys/libkern/random.c    |  2 +-
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/share/man/man9/random.9 b/share/man/man9/random.9
index fb5f2156df16..1c5f962b1363 100644
--- a/share/man/man9/random.9
+++ b/share/man/man9/random.9
@@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\" "
-.Dd December 26, 2019
+.Dd March 22, 2021
 .Dt RANDOM 9
 .Os
 .Sh NAME
@@ -132,17 +132,13 @@ If the function is interrupted before the random device is seeded, no data is
 returned.
 .Pp
 The deprecated
-.Xr random 9
-function will produce a sequence of pseudorandom numbers using a similar weak
-linear congruential generator as
-.Xr rand 3
-(the 1988 Park-Miller LCG).
+.Fn random
+function will return a 31-bit value.
 It is obsolete and scheduled to be removed in
-.Fx 13.0 .
-It is strongly advised that the
-.Xr random 9
-function not be used to generate random numbers.
-See
+.Fx 14.0 .
+Consider
+.Xr prng 9
+instead and see
 .Sx SECURITY CONSIDERATIONS .
 .Sh RETURN VALUES
 The
@@ -167,6 +163,13 @@ the number of bytes placed in
 .Fn read_random_uio
 returns zero when successful,
 otherwise an error code is returned.
+.Pp
+.Fn random
+returns numbers
+in the range from 0 to
+.if t 2\u\s731\s10\d\(mi1.
+.if n (2**31)\(mi1.
+
 .Sh ERRORS
 .Fn read_random_uio
 may fail if:
diff --git a/sys/libkern/random.c b/sys/libkern/random.c
index 23a8887fa49b..0bdfbc168409 100644
--- a/sys/libkern/random.c
+++ b/sys/libkern/random.c
@@ -45,5 +45,5 @@ __FBSDID("$FreeBSD$");
 u_long
 random(void)
 {
-	return (prng32());
+	return (prng32() & 0x7fffffff);
 }

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 13:18:54 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 663925BCF3B;
 Thu, 25 Mar 2021 13:18:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5lzy2R0tz3K8p;
 Thu, 25 Mar 2021 13:18:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 464D1274F2;
 Thu, 25 Mar 2021 13:18:54 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PDIsfo016809;
 Thu, 25 Mar 2021 13:18:54 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PDIs4E016808;
 Thu, 25 Mar 2021 13:18:54 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 13:18:54 GMT
Message-Id: <202103251318.12PDIs4E016808@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: fcc700abe4fa - stable/13 - Tune DTrace 'aframes' for the FBT and
 profile providers on arm64.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: fcc700abe4fa85b0f0ec9d953436725533cecc17
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 13:18:54 -0000

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=fcc700abe4fa85b0f0ec9d953436725533cecc17

commit fcc700abe4fa85b0f0ec9d953436725533cecc17
Author:     Robert Watson <rwatson@FreeBSD.org>
AuthorDate: 2021-03-21 00:01:54 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-25 13:16:41 +0000

    Tune DTrace 'aframes' for the FBT and profile providers on arm64.
    
    In both cases, too few frames were trimmed, leading to exception handling
    or DTrace internals being exposed in stack traces exposed by D's stack()
    primitive.
    
    Reviewed by:    emaste, andrew
    Differential Revision:  https://reviews.freebsd.org/D29356
    
    (cherry picked from commit 599fb1d198ec6792ba062114d2589ca9f01a3568)
---
 sys/cddl/dev/fbt/aarch64/fbt_isa.c | 5 +++--
 sys/cddl/dev/profile/profile.c     | 3 +--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/sys/cddl/dev/fbt/aarch64/fbt_isa.c b/sys/cddl/dev/fbt/aarch64/fbt_isa.c
index f15bc12291d3..6bc351ad74f6 100644
--- a/sys/cddl/dev/fbt/aarch64/fbt_isa.c
+++ b/sys/cddl/dev/fbt/aarch64/fbt_isa.c
@@ -44,6 +44,7 @@
 #define	FBT_PATCHVAL		(AARCH64_BRK | AARCH64_BRK_IMM16_VAL)
 #define	FBT_ENTRY	"entry"
 #define	FBT_RETURN	"return"
+#define	FBT_AFRAMES	4
 
 int
 fbt_invop(uintptr_t addr, struct trapframe *frame, uintptr_t rval)
@@ -141,7 +142,7 @@ fbt_provide_module_function(linker_file_t lf, int symindx,
 	fbt = malloc(sizeof (fbt_probe_t), M_FBT, M_WAITOK | M_ZERO);
 	fbt->fbtp_name = name;
 	fbt->fbtp_id = dtrace_probe_create(fbt_id, modname,
-	    name, FBT_ENTRY, 3, fbt);
+	    name, FBT_ENTRY, FBT_AFRAMES, fbt);
 	fbt->fbtp_patchpoint = instr;
 	fbt->fbtp_ctl = lf;
 	fbt->fbtp_loadcnt = lf->loadcnt;
@@ -183,7 +184,7 @@ again:
 	fbt->fbtp_name = name;
 	if (retfbt == NULL) {
 		fbt->fbtp_id = dtrace_probe_create(fbt_id, modname,
-		    name, FBT_RETURN, 3, fbt);
+		    name, FBT_RETURN, FBT_AFRAMES, fbt);
 	} else {
 		retfbt->fbtp_probenext = fbt;
 		fbt->fbtp_id = retfbt->fbtp_id;
diff --git a/sys/cddl/dev/profile/profile.c b/sys/cddl/dev/profile/profile.c
index 4fc9f6f22eef..ca373f50a1a0 100644
--- a/sys/cddl/dev/profile/profile.c
+++ b/sys/cddl/dev/profile/profile.c
@@ -140,8 +140,7 @@ struct profile_probe_percpu;
 #endif
 
 #ifdef __aarch64__
-/* TODO: verify */
-#define	PROF_ARTIFICIAL_FRAMES	10
+#define	PROF_ARTIFICIAL_FRAMES	12
 #endif
 
 #ifdef __riscv

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 13:18:55 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7EA4A5BCF3C;
 Thu, 25 Mar 2021 13:18:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5lzz38HWz3K0Q;
 Thu, 25 Mar 2021 13:18:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5F1E62765B;
 Thu, 25 Mar 2021 13:18:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PDItTG016831;
 Thu, 25 Mar 2021 13:18:55 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PDItt0016830;
 Thu, 25 Mar 2021 13:18:55 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 13:18:55 GMT
Message-Id: <202103251318.12PDItt0016830@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: ba08ba5226ff - stable/13 - Teach DTrace that unaligned accesses
 are OK on aarch64, not just x86.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ba08ba5226ff8551ea3926ce49b8604b71c9cabf
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 13:18:55 -0000

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=ba08ba5226ff8551ea3926ce49b8604b71c9cabf

commit ba08ba5226ff8551ea3926ce49b8604b71c9cabf
Author:     Robert Watson <rwatson@FreeBSD.org>
AuthorDate: 2021-03-22 01:50:00 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2021-03-25 13:17:38 +0000

    Teach DTrace that unaligned accesses are OK on aarch64, not just x86.
    
    MFC after:      3 days
    Reviewed:       andrew
    Differential Revision:  https://reviews.freebsd.org/D29369
---
 sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c b/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
index b212185a4578..ca6fa5481856 100644
--- a/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+++ b/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
@@ -475,7 +475,7 @@ static kmutex_t dtrace_errlock;
 #define	DTRACE_STORE(type, tomax, offset, what) \
 	*((type *)((uintptr_t)(tomax) + (uintptr_t)offset)) = (type)(what);
 
-#ifndef __x86
+#if !defined(__x86) && !defined(__aarch64__)
 #define	DTRACE_ALIGNCHECK(addr, size, flags)				\
 	if (addr & (size - 1)) {					\
 		*flags |= CPU_DTRACE_BADALIGN;				\

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 16:23:01 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AC6BA5C344F;
 Thu, 25 Mar 2021 16:23:01 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5r4P4V7vz3qHZ;
 Thu, 25 Mar 2021 16:23:01 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8CC782651;
 Thu, 25 Mar 2021 16:23:01 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PGN1EM082777;
 Thu, 25 Mar 2021 16:23:01 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PGN1mL082776;
 Thu, 25 Mar 2021 16:23:01 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 16:23:01 GMT
Message-Id: <202103251623.12PGN1mL082776@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 2c7061d85287 - stable/13 - OpenSSL: Merge OpenSSL 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2c7061d8528748552f58441500e765f161d60080
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 16:23:01 -0000

The branch stable/13 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=2c7061d8528748552f58441500e765f161d60080

commit 2c7061d8528748552f58441500e765f161d60080
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 15:45:19 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 16:21:51 +0000

    OpenSSL: Merge OpenSSL 1.1.1k
    
    Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380'
    
    (cherry picked from commit b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
---
 crypto/openssl/CHANGES                       | 44 ++++++++++++++++++++++++++++
 crypto/openssl/NEWS                          |  8 +++++
 crypto/openssl/README                        |  4 +--
 crypto/openssl/apps/s_cb.c                   |  5 ++--
 crypto/openssl/apps/s_time.c                 |  5 ++--
 crypto/openssl/crypto/asn1/asn1_par.c        |  3 +-
 crypto/openssl/crypto/asn1/bio_ndef.c        |  4 ++-
 crypto/openssl/crypto/engine/eng_devcrypto.c | 17 +++++++++--
 crypto/openssl/crypto/evp/evp_enc.c          |  2 +-
 crypto/openssl/crypto/modes/cbc128.c         |  8 +++--
 crypto/openssl/crypto/modes/gcm128.c         |  6 ++--
 crypto/openssl/crypto/o_time.c               |  6 ++--
 crypto/openssl/crypto/rand/rand_lib.c        |  8 +++--
 crypto/openssl/crypto/rsa/rsa_ssl.c          |  2 +-
 crypto/openssl/crypto/x509/x509_vfy.c        | 12 +++++---
 crypto/openssl/include/openssl/opensslv.h    |  6 ++--
 crypto/openssl/ssl/s3_lib.c                  |  7 +++--
 crypto/openssl/ssl/ssl_lib.c                 | 16 +++++++---
 crypto/openssl/ssl/statem/extensions.c       |  4 +++
 crypto/openssl/ssl/statem/extensions_clnt.c  | 16 ++++++++--
 crypto/openssl/ssl/statem/statem_clnt.c      |  8 ++++-
 crypto/openssl/ssl/statem/statem_srvr.c      | 19 +++++++++---
 22 files changed, 166 insertions(+), 44 deletions(-)

diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
index a4a63a9bea22..7f8057bb6f0a 100644
--- a/crypto/openssl/CHANGES
+++ b/crypto/openssl/CHANGES
@@ -7,6 +7,50 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
+
+  *) Fixed a problem with verifying a certificate chain when using the
+     X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
+     of the certificates present in a certificate chain. It is not set by
+     default.
+
+     Starting from OpenSSL version 1.1.1h a check to disallow certificates in
+     the chain that have explicitly encoded elliptic curve parameters was added
+     as an additional strict check.
+
+     An error in the implementation of this check meant that the result of a
+     previous check to confirm that certificates in the chain are valid CA
+     certificates was overwritten. This effectively bypasses the check
+     that non-CA certificates must not be able to issue other certificates.
+
+     If a "purpose" has been configured then there is a subsequent opportunity
+     for checks that the certificate is a valid CA.  All of the named "purpose"
+     values implemented in libcrypto perform this check.  Therefore, where
+     a purpose is set the certificate chain will still be rejected even when the
+     strict flag has been used. A purpose is set by default in libssl client and
+     server certificate verification routines, but it can be overridden or
+     removed by an application.
+
+     In order to be affected, an application must explicitly set the
+     X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
+     for the certificate verification or, in the case of TLS client or server
+     applications, override the default purpose.
+     (CVE-2021-3450)
+     [Tomáš Mráz]
+
+  *) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
+     crafted renegotiation ClientHello message from a client. If a TLSv1.2
+     renegotiation ClientHello omits the signature_algorithms extension (where
+     it was present in the initial ClientHello), but includes a
+     signature_algorithms_cert extension then a NULL pointer dereference will
+     result, leading to a crash and a denial of service attack.
+
+     A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
+     (which is the default configuration). OpenSSL TLS clients are not impacted
+     by this issue.
+     (CVE-2021-3449)
+     [Peter Kästle and Samuel Sapalski]
+
  Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
 
   *) Fixed the X509_issuer_and_serial_hash() function. It attempts to
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
index 3cce52506645..05991a0c214a 100644
--- a/crypto/openssl/NEWS
+++ b/crypto/openssl/NEWS
@@ -5,6 +5,14 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
+
+      o Fixed a problem with verifying a certificate chain when using the
+        X509_V_FLAG_X509_STRICT flag (CVE-2021-3450)
+      o Fixed an issue where an OpenSSL TLS server may crash if sent a
+        maliciously crafted renegotiation ClientHello message from a client
+        (CVE-2021-3449)
+
   Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
 
       o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
diff --git a/crypto/openssl/README b/crypto/openssl/README
index da5629f92c81..b92a8bd3a4b5 100644
--- a/crypto/openssl/README
+++ b/crypto/openssl/README
@@ -1,7 +1,7 @@
 
- OpenSSL 1.1.1j 16 Feb 2021
+ OpenSSL 1.1.1k 25 Mar 2021
 
- Copyright (c) 1998-2020 The OpenSSL Project
+ Copyright (c) 1998-2021 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 
diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c
index 6406ddfb9e1b..dee1b2e5b4f6 100644
--- a/crypto/openssl/apps/s_cb.c
+++ b/crypto/openssl/apps/s_cb.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -934,7 +934,8 @@ static int set_cert_cb(SSL *ssl, void *arg)
                 if (!SSL_build_cert_chain(ssl, 0))
                     return 0;
             } else if (exc->chain != NULL) {
-                SSL_set1_chain(ssl, exc->chain);
+                if (!SSL_set1_chain(ssl, exc->chain))
+                    return 0;
             }
         }
         exc = exc->prev;
diff --git a/crypto/openssl/apps/s_time.c b/crypto/openssl/apps/s_time.c
index 628e65b26e19..1235e545c20a 100644
--- a/crypto/openssl/apps/s_time.c
+++ b/crypto/openssl/apps/s_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -263,7 +263,8 @@ int s_time_main(int argc, char **argv)
          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
     printf
         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
-         nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
+         nConn, (long)time(NULL) - finishtime + maxtime,
+         nConn > 0 ? bytes_read / nConn : 0l);
 
     /*
      * Now loop and time connections using the same session id over and over
diff --git a/crypto/openssl/crypto/asn1/asn1_par.c b/crypto/openssl/crypto/asn1/asn1_par.c
index 3f10c7cb94c5..a32fa47f2206 100644
--- a/crypto/openssl/crypto/asn1/asn1_par.c
+++ b/crypto/openssl/crypto/asn1/asn1_par.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -325,6 +325,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                 }
                 if (BIO_puts(bp, "]") <= 0)
                     goto end;
+                dump_cont = 0;
             }
 
             if (!nl) {
diff --git a/crypto/openssl/crypto/asn1/bio_ndef.c b/crypto/openssl/crypto/asn1/bio_ndef.c
index 6222c99074de..d7d7d80eea91 100644
--- a/crypto/openssl/crypto/asn1/bio_ndef.c
+++ b/crypto/openssl/crypto/asn1/bio_ndef.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -113,6 +113,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
     ndef_aux = *(NDEF_SUPPORT **)parg;
 
     derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    if (derlen < 0)
+        return 0;
     if ((p = OPENSSL_malloc(derlen)) == NULL) {
         ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE);
         return 0;
diff --git a/crypto/openssl/crypto/engine/eng_devcrypto.c b/crypto/openssl/crypto/engine/eng_devcrypto.c
index 49e9ce1af33b..84a3b7dbec75 100644
--- a/crypto/openssl/crypto/engine/eng_devcrypto.c
+++ b/crypto/openssl/crypto/engine/eng_devcrypto.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -758,8 +758,9 @@ static int devcrypto_unload(ENGINE *e)
 void engine_load_devcrypto_int()
 {
     ENGINE *e = NULL;
+    int fd;
 
-    if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+    if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
 #ifndef ENGINE_DEVCRYPTO_DEBUG
         if (errno != ENOENT)
 #endif
@@ -767,6 +768,18 @@ void engine_load_devcrypto_int()
         return;
     }
 
+#ifdef CRIOGET
+    if (ioctl(fd, CRIOGET, &cfd) < 0) {
+        fprintf(stderr, "Could not create crypto fd: %s\n", strerror(errno));
+        close(fd);
+        cfd = -1;
+        return;
+    }
+    close(fd);
+#else
+    cfd = fd;
+#endif
+
     if ((e = ENGINE_new()) == NULL
         || !ENGINE_set_destroy_function(e, devcrypto_unload)) {
         ENGINE_free(e);
diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c
index 0843caf4f0a4..e3c165d48e08 100644
--- a/crypto/openssl/crypto/evp/evp_enc.c
+++ b/crypto/openssl/crypto/evp/evp_enc.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/modes/cbc128.c b/crypto/openssl/crypto/modes/cbc128.c
index c85e37c6a546..15a14be70872 100644
--- a/crypto/openssl/crypto/modes/cbc128.c
+++ b/crypto/openssl/crypto/modes/cbc128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -69,7 +69,8 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
         in += 16;
         out += 16;
     }
-    memcpy(ivec, iv, 16);
+    if (ivec != iv)
+        memcpy(ivec, iv, 16);
 }
 
 void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
@@ -114,7 +115,8 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
                 out += 16;
             }
         }
-        memcpy(ivec, iv, 16);
+        if (ivec != iv)
+            memcpy(ivec, iv, 16);
     } else {
         if (STRICT_ALIGNMENT &&
             ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
diff --git a/crypto/openssl/crypto/modes/gcm128.c b/crypto/openssl/crypto/modes/gcm128.c
index 0c0bf3cda5b5..8304efff48be 100644
--- a/crypto/openssl/crypto/modes/gcm128.c
+++ b/crypto/openssl/crypto/modes/gcm128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -1385,8 +1385,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
                 else
                     ctx->Yi.d[3] = ctr;
                 for (i = 0; i < 16 / sizeof(size_t); ++i) {
-                    size_t c = in[i];
-                    out[i] = c ^ ctx->EKi.t[i];
+                    size_t c = in_t[i];
+                    out_t[i] = c ^ ctx->EKi.t[i];
                     ctx->Xi.t[i] ^= c;
                 }
                 GCM_MUL(ctx);
diff --git a/crypto/openssl/crypto/o_time.c b/crypto/openssl/crypto/o_time.c
index 3502edda6238..3fa70c45af83 100644
--- a/crypto/openssl/crypto/o_time.c
+++ b/crypto/openssl/crypto/o_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -133,8 +133,8 @@ int OPENSSL_gmtime_diff(int *pday, int *psec,
 static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
                       long *pday, int *psec)
 {
-    int offset_hms, offset_day;
-    long time_jd;
+    int offset_hms;
+    long offset_day, time_jd;
     int time_year, time_month, time_day;
     /* split offset into days and day seconds */
     offset_day = offset_sec / SECS_PER_DAY;
diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_lib.c
index ba3a29e58468..5c72fad8ca26 100644
--- a/crypto/openssl/crypto/rand/rand_lib.c
+++ b/crypto/openssl/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -432,9 +432,13 @@ err:
 RAND_POOL *rand_pool_new(int entropy_requested, int secure,
                          size_t min_len, size_t max_len)
 {
-    RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool));
+    RAND_POOL *pool;
     size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure);
 
+    if (!RUN_ONCE(&rand_init, do_rand_init))
+        return NULL;
+
+    pool = OPENSSL_zalloc(sizeof(*pool));
     if (pool == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
diff --git a/crypto/openssl/crypto/rsa/rsa_ssl.c b/crypto/openssl/crypto/rsa/rsa_ssl.c
index ecdb3cee1fa3..e1c755ae460b 100644
--- a/crypto/openssl/crypto/rsa/rsa_ssl.c
+++ b/crypto/openssl/crypto/rsa/rsa_ssl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c
index 0c71b2e8b4ad..20a36e763c5d 100644
--- a/crypto/openssl/crypto/x509/x509_vfy.c
+++ b/crypto/openssl/crypto/x509/x509_vfy.c
@@ -524,15 +524,19 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
                 ret = 1;
             break;
         }
-        if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
+        if (ret > 0
+            && (ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
             /* Check for presence of explicit elliptic curve parameters */
             ret = check_curve(x);
-            if (ret < 0)
+            if (ret < 0) {
                 ctx->error = X509_V_ERR_UNSPECIFIED;
-            else if (ret == 0)
+                ret = 0;
+            } else if (ret == 0) {
                 ctx->error = X509_V_ERR_EC_KEY_EXPLICIT_PARAMS;
+            }
         }
-        if ((x->ex_flags & EXFLAG_CA) == 0
+        if (ret > 0
+            && (x->ex_flags & EXFLAG_CA) == 0
             && x->ex_pathlen != -1
             && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
             ctx->error = X509_V_ERR_INVALID_EXTENSION;
diff --git a/crypto/openssl/include/openssl/opensslv.h b/crypto/openssl/include/openssl/opensslv.h
index 5eeb751672aa..ec4a1123f131 100644
--- a/crypto/openssl/include/openssl/opensslv.h
+++ b/crypto/openssl/include/openssl/opensslv.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x101010afL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1j-freebsd  16 Feb 2021"
+# define OPENSSL_VERSION_NUMBER  0x101010bfL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1k-freebsd  25 Mar 2021"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index 4511b52c9afc..b256a4b93503 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -4629,6 +4629,7 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
 
         OPENSSL_clear_free(s->s3->tmp.psk, psklen);
         s->s3->tmp.psk = NULL;
+        s->s3->tmp.psklen = 0;
         if (!s->method->ssl3_enc->generate_master_secret(s,
                     s->session->master_key, pskpms, pskpmslen,
                     &s->session->master_key_length)) {
@@ -4658,8 +4659,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
         else
             OPENSSL_cleanse(pms, pmslen);
     }
-    if (s->server == 0)
+    if (s->server == 0) {
         s->s3->tmp.pms = NULL;
+        s->s3->tmp.pmslen = 0;
+    }
     return ret;
 }
 
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index 382f4b6d7b58..3fc6549c80e3 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -781,8 +781,10 @@ SSL *SSL_new(SSL_CTX *ctx)
         s->ext.ecpointformats =
             OPENSSL_memdup(ctx->ext.ecpointformats,
                            ctx->ext.ecpointformats_len);
-        if (!s->ext.ecpointformats)
+        if (!s->ext.ecpointformats) {
+            s->ext.ecpointformats_len = 0;
             goto err;
+        }
         s->ext.ecpointformats_len =
             ctx->ext.ecpointformats_len;
     }
@@ -791,8 +793,10 @@ SSL *SSL_new(SSL_CTX *ctx)
             OPENSSL_memdup(ctx->ext.supportedgroups,
                            ctx->ext.supportedgroups_len
                                 * sizeof(*ctx->ext.supportedgroups));
-        if (!s->ext.supportedgroups)
+        if (!s->ext.supportedgroups) {
+            s->ext.supportedgroups_len = 0;
             goto err;
+        }
         s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
     }
 #endif
@@ -802,8 +806,10 @@ SSL *SSL_new(SSL_CTX *ctx)
 
     if (s->ctx->ext.alpn) {
         s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
-        if (s->ext.alpn == NULL)
+        if (s->ext.alpn == NULL) {
+            s->ext.alpn_len = 0;
             goto err;
+        }
         memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
         s->ext.alpn_len = s->ctx->ext.alpn_len;
     }
@@ -2923,6 +2929,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
     OPENSSL_free(ctx->ext.alpn);
     ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ctx->ext.alpn == NULL) {
+        ctx->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
@@ -2942,6 +2949,7 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
     OPENSSL_free(ssl->ext.alpn);
     ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ssl->ext.alpn == NULL) {
+        ssl->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
diff --git a/crypto/openssl/ssl/statem/extensions.c b/crypto/openssl/ssl/statem/extensions.c
index 9f51a6eb28d9..e1a3b1db67a1 100644
--- a/crypto/openssl/ssl/statem/extensions.c
+++ b/crypto/openssl/ssl/statem/extensions.c
@@ -336,6 +336,8 @@ static const EXTENSION_DEFINITION ext_defs[] = {
         tls_construct_stoc_key_share, tls_construct_ctos_key_share,
         final_key_share
     },
+#else
+    INVALID_EXTENSION,
 #endif
     {
         /* Must be after key_share */
@@ -1137,6 +1139,7 @@ static int init_sig_algs(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
+    s->s3->tmp.peer_sigalgslen = 0;
 
     return 1;
 }
@@ -1146,6 +1149,7 @@ static int init_sig_algs_cert(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
     s->s3->tmp.peer_cert_sigalgs = NULL;
+    s->s3->tmp.peer_cert_sigalgslen = 0;
 
     return 1;
 }
diff --git a/crypto/openssl/ssl/statem/extensions_clnt.c b/crypto/openssl/ssl/statem/extensions_clnt.c
index bcce0f1d9534..ce8a75794c3a 100644
--- a/crypto/openssl/ssl/statem/extensions_clnt.c
+++ b/crypto/openssl/ssl/statem/extensions_clnt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -816,6 +816,7 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
         OPENSSL_free(s->psksession_id);
         s->psksession_id = OPENSSL_memdup(id, idlen);
         if (s->psksession_id == NULL) {
+            s->psksession_id_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
@@ -1375,6 +1376,7 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
         OPENSSL_free(s->ext.peer_ecpointformats);
         s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
         if (s->ext.peer_ecpointformats == NULL) {
+            s->ext.peer_ecpointformats_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -1492,8 +1494,13 @@ int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->ext.scts_len = (uint16_t)size;
         if (size > 0) {
             s->ext.scts = OPENSSL_malloc(size);
-            if (s->ext.scts == NULL
-                    || !PACKET_copy_bytes(pkt, s->ext.scts, size)) {
+            if (s->ext.scts == NULL) {
+                s->ext.scts_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
+                         ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -1592,6 +1599,7 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->ext.npn);
     s->ext.npn = OPENSSL_malloc(selected_len);
     if (s->ext.npn == NULL) {
+        s->ext.npn_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_NPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1632,6 +1640,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->s3->alpn_selected);
     s->s3->alpn_selected = OPENSSL_malloc(len);
     if (s->s3->alpn_selected == NULL) {
+        s->s3->alpn_selected_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1663,6 +1672,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->session->ext.alpn_selected =
             OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
         if (s->session->ext.alpn_selected == NULL) {
+            s->session->ext.alpn_selected_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                      ERR_R_INTERNAL_ERROR);
             return 0;
diff --git a/crypto/openssl/ssl/statem/statem_clnt.c b/crypto/openssl/ssl/statem/statem_clnt.c
index d84cc0460f4e..de58f1a4b7e9 100644
--- a/crypto/openssl/ssl/statem/statem_clnt.c
+++ b/crypto/openssl/ssl/statem/statem_clnt.c
@@ -2462,6 +2462,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
         s->s3->tmp.ctype_len = 0;
         OPENSSL_free(s->pha_context);
         s->pha_context = NULL;
+        s->pha_context_len = 0;
 
         if (!PACKET_get_length_prefixed_1(pkt, &reqctx) ||
             !PACKET_memdup(&reqctx, &s->pha_context, &s->pha_context_len)) {
@@ -2771,16 +2772,17 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt)
     }
     s->ext.ocsp.resp = OPENSSL_malloc(resplen);
     if (s->ext.ocsp.resp == NULL) {
+        s->ext.ocsp.resp_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  ERR_R_MALLOC_FAILURE);
         return 0;
     }
+    s->ext.ocsp.resp_len = resplen;
     if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  SSL_R_LENGTH_MISMATCH);
         return 0;
     }
-    s->ext.ocsp.resp_len = resplen;
 
     return 1;
 }
@@ -2905,6 +2907,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt)
     if (psklen > PSK_MAX_PSK_LEN) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE, ERR_R_INTERNAL_ERROR);
+        psklen = PSK_MAX_PSK_LEN;   /* Avoid overrunning the array on cleanse */
         goto err;
     } else if (psklen == 0) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -3350,9 +3353,11 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
  err:
     OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return 0;
 }
@@ -3427,6 +3432,7 @@ int tls_client_key_exchange_post_work(SSL *s)
  err:
     OPENSSL_clear_free(pms, pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
     return 0;
 }
 
diff --git a/crypto/openssl/ssl/statem/statem_srvr.c b/crypto/openssl/ssl/statem/statem_srvr.c
index cf45a40ce4e3..fec12f613004 100644
--- a/crypto/openssl/ssl/statem/statem_srvr.c
+++ b/crypto/openssl/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -2178,6 +2178,7 @@ int tls_handle_alpn(SSL *s)
             OPENSSL_free(s->s3->alpn_selected);
             s->s3->alpn_selected = OPENSSL_memdup(selected, selected_len);
             if (s->s3->alpn_selected == NULL) {
+                s->s3->alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_HANDLE_ALPN,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -2853,9 +2854,16 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
         if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
             OPENSSL_free(s->pha_context);
             s->pha_context_len = 32;
-            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
-                    || RAND_bytes(s->pha_context, s->pha_context_len) <= 0
-                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL) {
+                s->pha_context_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                         SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+                         ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            if (RAND_bytes(s->pha_context, s->pha_context_len) <= 0
+                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context,
+                                              s->pha_context_len)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
                          ERR_R_INTERNAL_ERROR);
@@ -2969,6 +2977,7 @@ static int tls_process_cke_psk_preamble(SSL *s, PACKET *pkt)
     OPENSSL_cleanse(psk, psklen);
 
     if (s->s3->tmp.psk == NULL) {
+        s->s3->tmp.psklen = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -3508,6 +3517,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return MSG_PROCESS_ERROR;
 }
@@ -4117,6 +4127,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             s->session->ext.alpn_selected =
                 OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
             if (s->session->ext.alpn_selected == NULL) {
+                s->session->ext.alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
                          ERR_R_MALLOC_FAILURE);

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 16:23:03 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 41D975C35A5;
 Thu, 25 Mar 2021 16:23:03 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5r4Q6y5Qz3qf5;
 Thu, 25 Mar 2021 16:23:02 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DCBE320FA;
 Thu, 25 Mar 2021 16:23:02 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PGN25O082797;
 Thu, 25 Mar 2021 16:23:02 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PGN2G9082794;
 Thu, 25 Mar 2021 16:23:02 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 16:23:02 GMT
Message-Id: <202103251623.12PGN2G9082794@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 280d35ab5b2d - stable/13 - OpenSSL: Regen manual pages for 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 280d35ab5b2da45f3f52ef135b3b5f7c529e4392
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 16:23:03 -0000

The branch stable/13 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=280d35ab5b2da45f3f52ef135b3b5f7c529e4392

commit 280d35ab5b2da45f3f52ef135b3b5f7c529e4392
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 16:17:52 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 16:22:21 +0000

    OpenSSL: Regen manual pages for 1.1.1k
    
    (cherry picked from commit 7595394130a163b7ff53d9ef3f28fcb87f629d17)
---
 secure/lib/libcrypto/Makefile.inc                                     | 4 ++--
 secure/lib/libcrypto/man/man3/ADMISSIONS.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3                | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3                 | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_length.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3                  | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TIME_set.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3                   | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_start_job.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BF_encrypt.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDR.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ctrl.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_base64.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_buffer.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_cipher.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_md.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_ssl.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_find_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_data.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3                  | 2 +-
 secure/lib/libcrypto/man/man3/BIO_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new_CMS.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3                    | 2 +-
 secure/lib/libcrypto/man/man3/BIO_printf.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_push.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_accept.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_bio.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_connect.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_fd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_file.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_mem.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_socket.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_set_callback.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BIO_should_retry.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_BLINDING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_start.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_add.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_add_word.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BN_bn2bin.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BN_cmp.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_copy.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_generate_prime.3                     | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_inverse.3                        | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_montgomery.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_num_bytes.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_rand.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_security_bits.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_set_bit.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_swap.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_zero.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BUF_MEM_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add0_cert.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_recipient_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_signer.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CMS_compress.3                          | 2 +-
 secure/lib/libcrypto/man/man3/CMS_decrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_encrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_final.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_RecipientInfos.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_SignerInfos.3                  | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get1_ReceiptRequest.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign_receipt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/CMS_uncompress.3                        | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify.3                            | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify_receipt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_free.3                     | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_load_file.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_THREAD_run_once.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_get_ex_new_index.3               | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_memcmp.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_get0_log_by_id.3            | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_new.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CT_POLICY_EVAL_CTX_new.3                | 2 +-
 secure/lib/libcrypto/man/man3/DEFINE_STACK_OF.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DES_random_key.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_key.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_parameters.3                | 2 +-
 secure/lib/libcrypto/man/man3/DH_get0_pqg.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_get_1024_160.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_meth_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/DH_new_by_nid.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_set_method.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_size.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_SIG_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_do_sign.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_dup_DH.3                            | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_parameters.3               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_get0_pqg.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_get_data_mtu.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_set_timer_cb.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLSv1_listen.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECDSA_SIG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECPKParameters_print.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GFp_simple_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_copy.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_get_enc_flags.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_add.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/ENGINE_add.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ERR_GET_LIB.3                           | 2 +-
 secure/lib/libcrypto/man/man3/ERR_clear_error.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ERR_error_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_crypto_strings.3               | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_strings.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_print_errors.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_put_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_remove_state.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_set_mark.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_BytesToKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_CTX_get_cipher_data.3        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_meth_new.3                   | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestSignInit.3                    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestVerifyInit.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncodeInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncryptInit.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_MD_meth_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_OpenInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_ASN1_METHOD.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_ctrl.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_hkdf_md.3              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_scrypt_N.3             | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_asn1_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_cmp.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_decrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_derive.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_encrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_get_default_digest_nid.3       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_keygen.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_new.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_print_private.3                | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_set1_RSA.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_sign.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_size.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify_recover.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SealInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SignInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_VerifyInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aes.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aria.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_bf_cbc.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_blake2b512.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_camellia.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_cast5_cbc.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_chacha20.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_des.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_desx_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_idea_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md2.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md5.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_mdc2.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc2_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc5_32_12_16_cbc.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_ripemd160.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_seed_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha1.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha224.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha3_224.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm3.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm4_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_whirlpool.3                         | 2 +-
 secure/lib/libcrypto/man/man3/HMAC.3                                  | 2 +-
 secure/lib/libcrypto/man/man3/MD5.3                                   | 2 +-
 secure/lib/libcrypto/man/man3/MDC2_Init.3                             | 2 +-
 secure/lib/libcrypto/man/man3/OBJ_nid2obj.3                           | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_REQUEST_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_cert_to_id.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_request_add1_nonce.3               | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_resp_find_status.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_response_status.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_sendreq_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_Applink.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_COMPFUNC.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_stats.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_VERSION_NUMBER.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_fork_prepare.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_ia32cap.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_crypto.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_ssl.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_instrument_bus.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_load_builtin_modules.3          | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_malloc.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_secure_malloc.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_INFO.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_LOADER.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_SEARCH.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_expect.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_open.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OpenSSL_add_all_algorithms.3            | 2 +-
 secure/lib/libcrypto/man/man3/PEM_bytes_read_bio.3                    | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_CMS.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_PrivateKey.3               | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_ex.3                       | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_CMS_stream.3              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_PKCS7_stream.3            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_create.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_newpass.3                        | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_parse.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PKCS5_PBKDF2_HMAC.3                     | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_decrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_encrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign.3                            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign_add_signer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_verify.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_generate.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_get0_master.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_reseed.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_callbacks.3               | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_ex_data.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_add.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_bytes.3                            | 2 +-
 secure/lib/libcrypto/man/man3/RAND_cleanup.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_egd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_load_file.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RAND_set_rand_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/RC4_set_key.3                           | 2 +-
 secure/lib/libcrypto/man/man3/RIPEMD160_Init.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_blinding_on.3                       | 2 +-
 secure/lib/libcrypto/man/man3/RSA_check_key.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RSA_get0_key.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/RSA_padding_add_PKCS1_type_1.3          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/RSA_private_encrypt.3                   | 2 +-
 secure/lib/libcrypto/man/man3/RSA_public_encrypt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign_ASN1_OCTET_STRING.3            | 2 +-
 secure/lib/libcrypto/man/man3/RSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SCT_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SCT_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SCT_validate.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SHA256_Init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_CMS.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_PKCS7.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_CMS.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_PKCS7.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CIPHER_get_name.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_COMP_add_compression_method.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set1_prefix.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_flags.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_ssl_ctx.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd_argv.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add1_chain_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_extra_chain_cert.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_session.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_ctrl.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_dane_enable.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_flush_sessions.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_free.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get0_param.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get_verify_mode.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_has_client_custom_ext.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_load_verify_locations.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_number.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_cache_size.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_get_cb.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sessions.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set0_CA_list.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_curves.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_sigalgs.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_verify_cert_store.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_alpn_select_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_cb.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_store.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_verify_callback.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cipher_list.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_cert_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_hello_cb.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ct_validation_callback.3    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ctlog_list_file.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_default_passwd_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ex_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_generate_session_id.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_info_callback.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_keylog_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_max_cert_list.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_min_proto_version.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_mode.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_msg_callback.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_num_tickets.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_options.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_psk_client_callback.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_quiet_shutdown.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_read_ahead.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_record_padding_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_cache_mode.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_id_context.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_ticket_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_split_send_fragment.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ssl_version.3               | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_timeout.3                   | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_tlsext_servername_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_status_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_use_srtp.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tmp_dh_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_verify.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_certificate.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_serverinfo.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_free.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_cipher.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_hostname.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_id_context.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_peer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_compress_id.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_ex_data.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_protocol_version.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_time.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_has_ticket.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_is_resumable.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_print.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_set1_id.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_accept.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alert_type_string.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alloc_buffers.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_check_chain.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_clear.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_do_handshake.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_export_keying_material.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_extension_supported.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_free.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get0_peer_scts.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_SSL_CTX.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_all_async_fds.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_ciphers.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_client_random.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_current_cipher.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_default_timeout.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_extms_support.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_cert_chain.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_certificate.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_signature_nid.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_tmp_key.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_psk_identity.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_rbio.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_shared_sigalgs.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_version.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_in_init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_key_update.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_library_init.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_load_client_CA_file.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_pending.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read_early_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_rstate_string.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_session_reused.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set1_host.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_bio.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_connect_state.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_shutdown.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_shutdown.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_state_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_want.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_write.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_STRING.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_UTIL_read_pw.3                       | 2 +-
 secure/lib/libcrypto/man/man3/UI_create_method.3                      | 2 +-
 secure/lib/libcrypto/man/man3/UI_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/X509V3_get_d2i.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_ALGOR_dup.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_CRL_get0_by_serial.3               | 2 +-
 secure/lib/libcrypto/man/man3/X509_EXTENSION_set_object.3             | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_hash_dir.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_meth_new.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_ENTRY_get_object.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_add_entry_by_txt.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get0_der.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get_index_by_NID.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_print_ex.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_PUBKEY_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_SIG_get0.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_get_error.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_set_verify_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_add_cert.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_get0_param.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_new.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_set_verify_cb_func.3         | 2 +-
 secure/lib/libcrypto/man/man3/X509_VERIFY_PARAM_set_flags.3           | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_ca.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_host.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_issued.3                     | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_private_key.3                | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_purpose.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp_time.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_digest.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_dup.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_notBefore.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_signature.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_uids.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_extension_flags.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_pubkey.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_serialNumber.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_subject_name.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_version.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509_new.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_sign.3                             | 2 +-
 secure/lib/libcrypto/man/man3/X509_verify_cert.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509v3_get_ext_by_NID.3                 | 2 +-
 secure/lib/libcrypto/man/man3/d2i_DHparams.3                          | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PKCS8PrivateKey_bio.3               | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PrivateKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/d2i_SSL_SESSION.3                       | 2 +-
 secure/lib/libcrypto/man/man3/d2i_X509.3                              | 2 +-
 secure/lib/libcrypto/man/man3/i2d_CMS_bio_stream.3                    | 2 +-
 secure/lib/libcrypto/man/man3/i2d_PKCS7_bio_stream.3                  | 2 +-
 secure/lib/libcrypto/man/man3/i2d_re_X509_tbs.3                       | 2 +-
 secure/lib/libcrypto/man/man3/o2i_SCT_LIST.3                          | 2 +-
 secure/lib/libcrypto/man/man5/x509v3_config.5                         | 2 +-
 secure/lib/libcrypto/man/man7/Ed25519.7                               | 2 +-
 secure/lib/libcrypto/man/man7/RAND.7                                  | 2 +-
 secure/lib/libcrypto/man/man7/RAND_DRBG.7                             | 2 +-
 secure/lib/libcrypto/man/man7/RSA-PSS.7                               | 2 +-
 secure/lib/libcrypto/man/man7/SM2.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/X25519.7                                | 2 +-
 secure/lib/libcrypto/man/man7/bio.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ct.7                                    | 2 +-
 secure/lib/libcrypto/man/man7/des_modes.7                             | 2 +-
 secure/lib/libcrypto/man/man7/evp.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store-file.7                       | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store.7                            | 2 +-
 secure/lib/libcrypto/man/man7/passphrase-encoding.7                   | 2 +-
 secure/lib/libcrypto/man/man7/proxy-certificates.7                    | 2 +-
 secure/lib/libcrypto/man/man7/scrypt.7                                | 2 +-
 secure/lib/libcrypto/man/man7/ssl.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/x509.7                                  | 2 +-
 secure/usr.bin/openssl/man/CA.pl.1                                    | 2 +-
 secure/usr.bin/openssl/man/asn1parse.1                                | 2 +-
 secure/usr.bin/openssl/man/ca.1                                       | 2 +-
 secure/usr.bin/openssl/man/ciphers.1                                  | 2 +-
 secure/usr.bin/openssl/man/cms.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl2pkcs7.1                                | 2 +-
 secure/usr.bin/openssl/man/dgst.1                                     | 2 +-
 secure/usr.bin/openssl/man/dhparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/dsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/dsaparam.1                                 | 2 +-
 secure/usr.bin/openssl/man/ec.1                                       | 2 +-
 secure/usr.bin/openssl/man/ecparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/enc.1                                      | 2 +-
 secure/usr.bin/openssl/man/engine.1                                   | 2 +-
 secure/usr.bin/openssl/man/errstr.1                                   | 2 +-
 secure/usr.bin/openssl/man/gendsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/genpkey.1                                  | 2 +-
 secure/usr.bin/openssl/man/genrsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/list.1                                     | 2 +-
 secure/usr.bin/openssl/man/nseq.1                                     | 2 +-
 secure/usr.bin/openssl/man/ocsp.1                                     | 2 +-
 secure/usr.bin/openssl/man/openssl.1                                  | 2 +-
 secure/usr.bin/openssl/man/passwd.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs12.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs7.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkcs8.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkey.1                                     | 2 +-
 secure/usr.bin/openssl/man/pkeyparam.1                                | 2 +-
 secure/usr.bin/openssl/man/pkeyutl.1                                  | 2 +-
 secure/usr.bin/openssl/man/prime.1                                    | 2 +-
 secure/usr.bin/openssl/man/rand.1                                     | 2 +-
 secure/usr.bin/openssl/man/req.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsautl.1                                   | 2 +-
 secure/usr.bin/openssl/man/s_client.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_server.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_time.1                                   | 2 +-
 secure/usr.bin/openssl/man/sess_id.1                                  | 2 +-
 secure/usr.bin/openssl/man/smime.1                                    | 2 +-
 secure/usr.bin/openssl/man/speed.1                                    | 2 +-
 secure/usr.bin/openssl/man/spkac.1                                    | 2 +-
 secure/usr.bin/openssl/man/srp.1                                      | 2 +-
 secure/usr.bin/openssl/man/storeutl.1                                 | 2 +-
 secure/usr.bin/openssl/man/ts.1                                       | 2 +-
 secure/usr.bin/openssl/man/tsget.1                                    | 2 +-
 secure/usr.bin/openssl/man/verify.1                                   | 2 +-
 secure/usr.bin/openssl/man/version.1                                  | 2 +-
 secure/usr.bin/openssl/man/x509.1                                     | 2 +-
 535 files changed, 536 insertions(+), 536 deletions(-)

diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc
index 9860eb2ca4e1..0edeb9098ecd 100644
--- a/secure/lib/libcrypto/Makefile.inc
+++ b/secure/lib/libcrypto/Makefile.inc
@@ -3,8 +3,8 @@
 .include <bsd.own.mk>
 
 # OpenSSL version used for manual page generation
-OPENSSL_VER=	1.1.1j
-OPENSSL_DATE=	2021-02-16
+OPENSSL_VER=	1.1.1k
+OPENSSL_DATE=	2021-03-25
 
 LCRYPTO_SRC=	${SRCTOP}/crypto/openssl
 LCRYPTO_DOC=	${LCRYPTO_SRC}/doc
diff --git a/secure/lib/libcrypto/man/man3/ADMISSIONS.3 b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
index 2720754cf9e8..ad086fb0e8e9 100644
--- a/secure/lib/libcrypto/man/man3/ADMISSIONS.3
+++ b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ADMISSIONS 3"
-.TH ADMISSIONS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ADMISSIONS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3 b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
index 2daf11f19a0d..3c70dcaa8c2d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_INTEGER_GET_INT64 3"
-.TH ASN1_INTEGER_GET_INT64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_INTEGER_GET_INT64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3 b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
index f45f3fdc98ab..04ba1089d333 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_ITEM_LOOKUP 3"
-.TH ASN1_ITEM_LOOKUP 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_ITEM_LOOKUP 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3 b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
index 69678622d9fa..54c7476b7c08 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_OBJECT_NEW 3"
-.TH ASN1_OBJECT_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_OBJECT_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
index 9b9393cc5290..ad1b19c78546 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_TABLE_ADD 3"
-.TH ASN1_STRING_TABLE_ADD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_TABLE_ADD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
index ca15f898e6a8..75de680bb66a 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_LENGTH 3"
-.TH ASN1_STRING_LENGTH 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_LENGTH 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
index e4f6859c186d..76d17e1c6b23 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_NEW 3"
-.TH ASN1_STRING_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
index fbfcf517275f..d072930ec39d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_PRINT_EX 3"
-.TH ASN1_STRING_PRINT_EX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_PRINT_EX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3 b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
index 00b72c375820..0a3564196833 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TIME_SET 3"
-.TH ASN1_TIME_SET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TIME_SET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3 b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
index 4845c5280b6b..bf12e2b90dd2 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TYPE_GET 3"
-.TH ASN1_TYPE_GET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TYPE_GET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3 b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
index ce95ffd0fc29..207255106b3c 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_GENERATE_NCONF 3"
-.TH ASN1_GENERATE_NCONF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_GENERATE_NCONF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3 b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
index b761db6b5b7a..d1e3abb572db 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_WAIT_CTX_NEW 3"
-.TH ASYNC_WAIT_CTX_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_WAIT_CTX_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3 b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
index 03b06aff8fec..b5bb00413452 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_START_JOB 3"
-.TH ASYNC_START_JOB 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_START_JOB 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BF_encrypt.3 b/secure/lib/libcrypto/man/man3/BF_encrypt.3
index 8916feee640f..58cdcb4fc89e 100644
--- a/secure/lib/libcrypto/man/man3/BF_encrypt.3
+++ b/secure/lib/libcrypto/man/man3/BF_encrypt.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BF_ENCRYPT 3"
-.TH BF_ENCRYPT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BF_ENCRYPT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDR.3 b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
index 0dbedbf16b9d..fd492eee9531 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDR.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDR 3"
-.TH BIO_ADDR 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDR 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3 b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
index fb1d199796cb..7d64b051241a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDRINFO 3"
-.TH BIO_ADDRINFO 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDRINFO 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_connect.3 b/secure/lib/libcrypto/man/man3/BIO_connect.3
index 44b80366360d..507289d24595 100644
--- a/secure/lib/libcrypto/man/man3/BIO_connect.3
+++ b/secure/lib/libcrypto/man/man3/BIO_connect.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CONNECT 3"
-.TH BIO_CONNECT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CONNECT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ctrl.3 b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
index 7d90a1a40792..c290cfceab59 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ctrl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CTRL 3"
-.TH BIO_CTRL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CTRL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_base64.3 b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
index 39b94d930d17..14db0fc366a1 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_base64.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BASE64 3"
-.TH BIO_F_BASE64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BASE64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3 b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
index 61cfe1eec579..2cd165a9700d 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BUFFER 3"
-.TH BIO_F_BUFFER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BUFFER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3 b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
index 33e6f6c95c6e..68b32c47dac7 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_CIPHER 3"
-.TH BIO_F_CIPHER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_CIPHER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_md.3 b/secure/lib/libcrypto/man/man3/BIO_f_md.3
index 04c3fdaecc20..2a3dec321113 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_md.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_md.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_MD 3"
-.TH BIO_F_MD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_MD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_null.3 b/secure/lib/libcrypto/man/man3/BIO_f_null.3
index 21225c1e17fe..6d868bd0a10b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_null.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_null.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_NULL 3"
-.TH BIO_F_NULL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_NULL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3 b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
index 02b2bcd5e714..0ff1ecc99f79 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_SSL 3"
-.TH BIO_F_SSL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_SSL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_find_type.3 b/secure/lib/libcrypto/man/man3/BIO_find_type.3
index 579435574865..e4757943b8be 100644
--- a/secure/lib/libcrypto/man/man3/BIO_find_type.3
+++ b/secure/lib/libcrypto/man/man3/BIO_find_type.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_FIND_TYPE 3"
-.TH BIO_FIND_TYPE 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_FIND_TYPE 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_data.3 b/secure/lib/libcrypto/man/man3/BIO_get_data.3
index df2d8f5667dd..5297cc0f2214 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_data.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_data.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_DATA 3"
-.TH BIO_GET_DATA 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_DATA 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3 b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
index 31914a912318..78d970c7267f 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_EX_NEW_INDEX 3"
-.TH BIO_GET_EX_NEW_INDEX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_EX_NEW_INDEX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_meth_new.3 b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
index 5f77a8668b58..8953efaf4441 100644
--- a/secure/lib/libcrypto/man/man3/BIO_meth_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_METH_NEW 3"
-.TH BIO_METH_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_METH_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new.3 b/secure/lib/libcrypto/man/man3/BIO_new.3
index d37e03bbe65f..4d861bfdfa20 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW 3"
-.TH BIO_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3 b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
index 4c5f7a282ced..0c662446b29a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW_CMS 3"
-.TH BIO_NEW_CMS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW_CMS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3 b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
index 89758f5f6b2c..1ab7d109d1fc 100644
--- a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
+++ b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PARSE_HOSTSERV 3"
-.TH BIO_PARSE_HOSTSERV 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PARSE_HOSTSERV 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_printf.3 b/secure/lib/libcrypto/man/man3/BIO_printf.3
index f56b2c28937c..2c3bd3d70180 100644
--- a/secure/lib/libcrypto/man/man3/BIO_printf.3
+++ b/secure/lib/libcrypto/man/man3/BIO_printf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PRINTF 3"
-.TH BIO_PRINTF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PRINTF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_push.3 b/secure/lib/libcrypto/man/man3/BIO_push.3
index 359dfe245ae7..1c5c39143c0b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_push.3
+++ b/secure/lib/libcrypto/man/man3/BIO_push.3
@@ -133,7 +133,7 @@
*** 6521 LINES SKIPPED ***

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 16:26:40 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9ABFB5C3905;
 Thu, 25 Mar 2021 16:26:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5r8c3yxvz3r7J;
 Thu, 25 Mar 2021 16:26:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7B06820FB;
 Thu, 25 Mar 2021 16:26:40 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PGQeJN083452;
 Thu, 25 Mar 2021 16:26:40 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PGQeiv083451;
 Thu, 25 Mar 2021 16:26:40 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 16:26:40 GMT
Message-Id: <202103251626.12PGQeiv083451@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 7d3f5a19f455 - releng/13.0 - OpenSSL: Merge OpenSSL 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 7d3f5a19f455e0e3fb17ac3f9af288e8c7fffc15
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 16:26:40 -0000

The branch releng/13.0 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=7d3f5a19f455e0e3fb17ac3f9af288e8c7fffc15

commit 7d3f5a19f455e0e3fb17ac3f9af288e8c7fffc15
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 15:45:19 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 16:25:06 +0000

    OpenSSL: Merge OpenSSL 1.1.1k
    
    Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380'
    
    (cherry picked from commit b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
    
    Approved by:    re (implicit)
---
 crypto/openssl/CHANGES                       | 44 ++++++++++++++++++++++++++++
 crypto/openssl/NEWS                          |  8 +++++
 crypto/openssl/README                        |  4 +--
 crypto/openssl/apps/s_cb.c                   |  5 ++--
 crypto/openssl/apps/s_time.c                 |  5 ++--
 crypto/openssl/crypto/asn1/asn1_par.c        |  3 +-
 crypto/openssl/crypto/asn1/bio_ndef.c        |  4 ++-
 crypto/openssl/crypto/engine/eng_devcrypto.c | 17 +++++++++--
 crypto/openssl/crypto/evp/evp_enc.c          |  2 +-
 crypto/openssl/crypto/modes/cbc128.c         |  8 +++--
 crypto/openssl/crypto/modes/gcm128.c         |  6 ++--
 crypto/openssl/crypto/o_time.c               |  6 ++--
 crypto/openssl/crypto/rand/rand_lib.c        |  8 +++--
 crypto/openssl/crypto/rsa/rsa_ssl.c          |  2 +-
 crypto/openssl/crypto/x509/x509_vfy.c        | 12 +++++---
 crypto/openssl/include/openssl/opensslv.h    |  6 ++--
 crypto/openssl/ssl/s3_lib.c                  |  7 +++--
 crypto/openssl/ssl/ssl_lib.c                 | 16 +++++++---
 crypto/openssl/ssl/statem/extensions.c       |  4 +++
 crypto/openssl/ssl/statem/extensions_clnt.c  | 16 ++++++++--
 crypto/openssl/ssl/statem/statem_clnt.c      |  8 ++++-
 crypto/openssl/ssl/statem/statem_srvr.c      | 19 +++++++++---
 22 files changed, 166 insertions(+), 44 deletions(-)

diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
index a4a63a9bea22..7f8057bb6f0a 100644
--- a/crypto/openssl/CHANGES
+++ b/crypto/openssl/CHANGES
@@ -7,6 +7,50 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
+
+  *) Fixed a problem with verifying a certificate chain when using the
+     X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
+     of the certificates present in a certificate chain. It is not set by
+     default.
+
+     Starting from OpenSSL version 1.1.1h a check to disallow certificates in
+     the chain that have explicitly encoded elliptic curve parameters was added
+     as an additional strict check.
+
+     An error in the implementation of this check meant that the result of a
+     previous check to confirm that certificates in the chain are valid CA
+     certificates was overwritten. This effectively bypasses the check
+     that non-CA certificates must not be able to issue other certificates.
+
+     If a "purpose" has been configured then there is a subsequent opportunity
+     for checks that the certificate is a valid CA.  All of the named "purpose"
+     values implemented in libcrypto perform this check.  Therefore, where
+     a purpose is set the certificate chain will still be rejected even when the
+     strict flag has been used. A purpose is set by default in libssl client and
+     server certificate verification routines, but it can be overridden or
+     removed by an application.
+
+     In order to be affected, an application must explicitly set the
+     X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
+     for the certificate verification or, in the case of TLS client or server
+     applications, override the default purpose.
+     (CVE-2021-3450)
+     [Tomáš Mráz]
+
+  *) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
+     crafted renegotiation ClientHello message from a client. If a TLSv1.2
+     renegotiation ClientHello omits the signature_algorithms extension (where
+     it was present in the initial ClientHello), but includes a
+     signature_algorithms_cert extension then a NULL pointer dereference will
+     result, leading to a crash and a denial of service attack.
+
+     A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
+     (which is the default configuration). OpenSSL TLS clients are not impacted
+     by this issue.
+     (CVE-2021-3449)
+     [Peter Kästle and Samuel Sapalski]
+
  Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
 
   *) Fixed the X509_issuer_and_serial_hash() function. It attempts to
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
index 3cce52506645..05991a0c214a 100644
--- a/crypto/openssl/NEWS
+++ b/crypto/openssl/NEWS
@@ -5,6 +5,14 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
+
+      o Fixed a problem with verifying a certificate chain when using the
+        X509_V_FLAG_X509_STRICT flag (CVE-2021-3450)
+      o Fixed an issue where an OpenSSL TLS server may crash if sent a
+        maliciously crafted renegotiation ClientHello message from a client
+        (CVE-2021-3449)
+
   Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
 
       o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
diff --git a/crypto/openssl/README b/crypto/openssl/README
index da5629f92c81..b92a8bd3a4b5 100644
--- a/crypto/openssl/README
+++ b/crypto/openssl/README
@@ -1,7 +1,7 @@
 
- OpenSSL 1.1.1j 16 Feb 2021
+ OpenSSL 1.1.1k 25 Mar 2021
 
- Copyright (c) 1998-2020 The OpenSSL Project
+ Copyright (c) 1998-2021 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 
diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c
index 6406ddfb9e1b..dee1b2e5b4f6 100644
--- a/crypto/openssl/apps/s_cb.c
+++ b/crypto/openssl/apps/s_cb.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -934,7 +934,8 @@ static int set_cert_cb(SSL *ssl, void *arg)
                 if (!SSL_build_cert_chain(ssl, 0))
                     return 0;
             } else if (exc->chain != NULL) {
-                SSL_set1_chain(ssl, exc->chain);
+                if (!SSL_set1_chain(ssl, exc->chain))
+                    return 0;
             }
         }
         exc = exc->prev;
diff --git a/crypto/openssl/apps/s_time.c b/crypto/openssl/apps/s_time.c
index 628e65b26e19..1235e545c20a 100644
--- a/crypto/openssl/apps/s_time.c
+++ b/crypto/openssl/apps/s_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -263,7 +263,8 @@ int s_time_main(int argc, char **argv)
          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
     printf
         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
-         nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
+         nConn, (long)time(NULL) - finishtime + maxtime,
+         nConn > 0 ? bytes_read / nConn : 0l);
 
     /*
      * Now loop and time connections using the same session id over and over
diff --git a/crypto/openssl/crypto/asn1/asn1_par.c b/crypto/openssl/crypto/asn1/asn1_par.c
index 3f10c7cb94c5..a32fa47f2206 100644
--- a/crypto/openssl/crypto/asn1/asn1_par.c
+++ b/crypto/openssl/crypto/asn1/asn1_par.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -325,6 +325,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                 }
                 if (BIO_puts(bp, "]") <= 0)
                     goto end;
+                dump_cont = 0;
             }
 
             if (!nl) {
diff --git a/crypto/openssl/crypto/asn1/bio_ndef.c b/crypto/openssl/crypto/asn1/bio_ndef.c
index 6222c99074de..d7d7d80eea91 100644
--- a/crypto/openssl/crypto/asn1/bio_ndef.c
+++ b/crypto/openssl/crypto/asn1/bio_ndef.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -113,6 +113,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
     ndef_aux = *(NDEF_SUPPORT **)parg;
 
     derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    if (derlen < 0)
+        return 0;
     if ((p = OPENSSL_malloc(derlen)) == NULL) {
         ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE);
         return 0;
diff --git a/crypto/openssl/crypto/engine/eng_devcrypto.c b/crypto/openssl/crypto/engine/eng_devcrypto.c
index 49e9ce1af33b..84a3b7dbec75 100644
--- a/crypto/openssl/crypto/engine/eng_devcrypto.c
+++ b/crypto/openssl/crypto/engine/eng_devcrypto.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -758,8 +758,9 @@ static int devcrypto_unload(ENGINE *e)
 void engine_load_devcrypto_int()
 {
     ENGINE *e = NULL;
+    int fd;
 
-    if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+    if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
 #ifndef ENGINE_DEVCRYPTO_DEBUG
         if (errno != ENOENT)
 #endif
@@ -767,6 +768,18 @@ void engine_load_devcrypto_int()
         return;
     }
 
+#ifdef CRIOGET
+    if (ioctl(fd, CRIOGET, &cfd) < 0) {
+        fprintf(stderr, "Could not create crypto fd: %s\n", strerror(errno));
+        close(fd);
+        cfd = -1;
+        return;
+    }
+    close(fd);
+#else
+    cfd = fd;
+#endif
+
     if ((e = ENGINE_new()) == NULL
         || !ENGINE_set_destroy_function(e, devcrypto_unload)) {
         ENGINE_free(e);
diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c
index 0843caf4f0a4..e3c165d48e08 100644
--- a/crypto/openssl/crypto/evp/evp_enc.c
+++ b/crypto/openssl/crypto/evp/evp_enc.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/modes/cbc128.c b/crypto/openssl/crypto/modes/cbc128.c
index c85e37c6a546..15a14be70872 100644
--- a/crypto/openssl/crypto/modes/cbc128.c
+++ b/crypto/openssl/crypto/modes/cbc128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -69,7 +69,8 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
         in += 16;
         out += 16;
     }
-    memcpy(ivec, iv, 16);
+    if (ivec != iv)
+        memcpy(ivec, iv, 16);
 }
 
 void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
@@ -114,7 +115,8 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
                 out += 16;
             }
         }
-        memcpy(ivec, iv, 16);
+        if (ivec != iv)
+            memcpy(ivec, iv, 16);
     } else {
         if (STRICT_ALIGNMENT &&
             ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
diff --git a/crypto/openssl/crypto/modes/gcm128.c b/crypto/openssl/crypto/modes/gcm128.c
index 0c0bf3cda5b5..8304efff48be 100644
--- a/crypto/openssl/crypto/modes/gcm128.c
+++ b/crypto/openssl/crypto/modes/gcm128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -1385,8 +1385,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
                 else
                     ctx->Yi.d[3] = ctr;
                 for (i = 0; i < 16 / sizeof(size_t); ++i) {
-                    size_t c = in[i];
-                    out[i] = c ^ ctx->EKi.t[i];
+                    size_t c = in_t[i];
+                    out_t[i] = c ^ ctx->EKi.t[i];
                     ctx->Xi.t[i] ^= c;
                 }
                 GCM_MUL(ctx);
diff --git a/crypto/openssl/crypto/o_time.c b/crypto/openssl/crypto/o_time.c
index 3502edda6238..3fa70c45af83 100644
--- a/crypto/openssl/crypto/o_time.c
+++ b/crypto/openssl/crypto/o_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -133,8 +133,8 @@ int OPENSSL_gmtime_diff(int *pday, int *psec,
 static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
                       long *pday, int *psec)
 {
-    int offset_hms, offset_day;
-    long time_jd;
+    int offset_hms;
+    long offset_day, time_jd;
     int time_year, time_month, time_day;
     /* split offset into days and day seconds */
     offset_day = offset_sec / SECS_PER_DAY;
diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_lib.c
index ba3a29e58468..5c72fad8ca26 100644
--- a/crypto/openssl/crypto/rand/rand_lib.c
+++ b/crypto/openssl/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -432,9 +432,13 @@ err:
 RAND_POOL *rand_pool_new(int entropy_requested, int secure,
                          size_t min_len, size_t max_len)
 {
-    RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool));
+    RAND_POOL *pool;
     size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure);
 
+    if (!RUN_ONCE(&rand_init, do_rand_init))
+        return NULL;
+
+    pool = OPENSSL_zalloc(sizeof(*pool));
     if (pool == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
diff --git a/crypto/openssl/crypto/rsa/rsa_ssl.c b/crypto/openssl/crypto/rsa/rsa_ssl.c
index ecdb3cee1fa3..e1c755ae460b 100644
--- a/crypto/openssl/crypto/rsa/rsa_ssl.c
+++ b/crypto/openssl/crypto/rsa/rsa_ssl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c
index 0c71b2e8b4ad..20a36e763c5d 100644
--- a/crypto/openssl/crypto/x509/x509_vfy.c
+++ b/crypto/openssl/crypto/x509/x509_vfy.c
@@ -524,15 +524,19 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
                 ret = 1;
             break;
         }
-        if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
+        if (ret > 0
+            && (ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
             /* Check for presence of explicit elliptic curve parameters */
             ret = check_curve(x);
-            if (ret < 0)
+            if (ret < 0) {
                 ctx->error = X509_V_ERR_UNSPECIFIED;
-            else if (ret == 0)
+                ret = 0;
+            } else if (ret == 0) {
                 ctx->error = X509_V_ERR_EC_KEY_EXPLICIT_PARAMS;
+            }
         }
-        if ((x->ex_flags & EXFLAG_CA) == 0
+        if (ret > 0
+            && (x->ex_flags & EXFLAG_CA) == 0
             && x->ex_pathlen != -1
             && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
             ctx->error = X509_V_ERR_INVALID_EXTENSION;
diff --git a/crypto/openssl/include/openssl/opensslv.h b/crypto/openssl/include/openssl/opensslv.h
index 5eeb751672aa..ec4a1123f131 100644
--- a/crypto/openssl/include/openssl/opensslv.h
+++ b/crypto/openssl/include/openssl/opensslv.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x101010afL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1j-freebsd  16 Feb 2021"
+# define OPENSSL_VERSION_NUMBER  0x101010bfL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1k-freebsd  25 Mar 2021"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index 4511b52c9afc..b256a4b93503 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -4629,6 +4629,7 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
 
         OPENSSL_clear_free(s->s3->tmp.psk, psklen);
         s->s3->tmp.psk = NULL;
+        s->s3->tmp.psklen = 0;
         if (!s->method->ssl3_enc->generate_master_secret(s,
                     s->session->master_key, pskpms, pskpmslen,
                     &s->session->master_key_length)) {
@@ -4658,8 +4659,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
         else
             OPENSSL_cleanse(pms, pmslen);
     }
-    if (s->server == 0)
+    if (s->server == 0) {
         s->s3->tmp.pms = NULL;
+        s->s3->tmp.pmslen = 0;
+    }
     return ret;
 }
 
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index 382f4b6d7b58..3fc6549c80e3 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -781,8 +781,10 @@ SSL *SSL_new(SSL_CTX *ctx)
         s->ext.ecpointformats =
             OPENSSL_memdup(ctx->ext.ecpointformats,
                            ctx->ext.ecpointformats_len);
-        if (!s->ext.ecpointformats)
+        if (!s->ext.ecpointformats) {
+            s->ext.ecpointformats_len = 0;
             goto err;
+        }
         s->ext.ecpointformats_len =
             ctx->ext.ecpointformats_len;
     }
@@ -791,8 +793,10 @@ SSL *SSL_new(SSL_CTX *ctx)
             OPENSSL_memdup(ctx->ext.supportedgroups,
                            ctx->ext.supportedgroups_len
                                 * sizeof(*ctx->ext.supportedgroups));
-        if (!s->ext.supportedgroups)
+        if (!s->ext.supportedgroups) {
+            s->ext.supportedgroups_len = 0;
             goto err;
+        }
         s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
     }
 #endif
@@ -802,8 +806,10 @@ SSL *SSL_new(SSL_CTX *ctx)
 
     if (s->ctx->ext.alpn) {
         s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
-        if (s->ext.alpn == NULL)
+        if (s->ext.alpn == NULL) {
+            s->ext.alpn_len = 0;
             goto err;
+        }
         memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
         s->ext.alpn_len = s->ctx->ext.alpn_len;
     }
@@ -2923,6 +2929,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
     OPENSSL_free(ctx->ext.alpn);
     ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ctx->ext.alpn == NULL) {
+        ctx->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
@@ -2942,6 +2949,7 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
     OPENSSL_free(ssl->ext.alpn);
     ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ssl->ext.alpn == NULL) {
+        ssl->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
diff --git a/crypto/openssl/ssl/statem/extensions.c b/crypto/openssl/ssl/statem/extensions.c
index 9f51a6eb28d9..e1a3b1db67a1 100644
--- a/crypto/openssl/ssl/statem/extensions.c
+++ b/crypto/openssl/ssl/statem/extensions.c
@@ -336,6 +336,8 @@ static const EXTENSION_DEFINITION ext_defs[] = {
         tls_construct_stoc_key_share, tls_construct_ctos_key_share,
         final_key_share
     },
+#else
+    INVALID_EXTENSION,
 #endif
     {
         /* Must be after key_share */
@@ -1137,6 +1139,7 @@ static int init_sig_algs(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
+    s->s3->tmp.peer_sigalgslen = 0;
 
     return 1;
 }
@@ -1146,6 +1149,7 @@ static int init_sig_algs_cert(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
     s->s3->tmp.peer_cert_sigalgs = NULL;
+    s->s3->tmp.peer_cert_sigalgslen = 0;
 
     return 1;
 }
diff --git a/crypto/openssl/ssl/statem/extensions_clnt.c b/crypto/openssl/ssl/statem/extensions_clnt.c
index bcce0f1d9534..ce8a75794c3a 100644
--- a/crypto/openssl/ssl/statem/extensions_clnt.c
+++ b/crypto/openssl/ssl/statem/extensions_clnt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -816,6 +816,7 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
         OPENSSL_free(s->psksession_id);
         s->psksession_id = OPENSSL_memdup(id, idlen);
         if (s->psksession_id == NULL) {
+            s->psksession_id_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
@@ -1375,6 +1376,7 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
         OPENSSL_free(s->ext.peer_ecpointformats);
         s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
         if (s->ext.peer_ecpointformats == NULL) {
+            s->ext.peer_ecpointformats_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -1492,8 +1494,13 @@ int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->ext.scts_len = (uint16_t)size;
         if (size > 0) {
             s->ext.scts = OPENSSL_malloc(size);
-            if (s->ext.scts == NULL
-                    || !PACKET_copy_bytes(pkt, s->ext.scts, size)) {
+            if (s->ext.scts == NULL) {
+                s->ext.scts_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
+                         ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -1592,6 +1599,7 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->ext.npn);
     s->ext.npn = OPENSSL_malloc(selected_len);
     if (s->ext.npn == NULL) {
+        s->ext.npn_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_NPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1632,6 +1640,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->s3->alpn_selected);
     s->s3->alpn_selected = OPENSSL_malloc(len);
     if (s->s3->alpn_selected == NULL) {
+        s->s3->alpn_selected_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1663,6 +1672,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->session->ext.alpn_selected =
             OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
         if (s->session->ext.alpn_selected == NULL) {
+            s->session->ext.alpn_selected_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                      ERR_R_INTERNAL_ERROR);
             return 0;
diff --git a/crypto/openssl/ssl/statem/statem_clnt.c b/crypto/openssl/ssl/statem/statem_clnt.c
index d84cc0460f4e..de58f1a4b7e9 100644
--- a/crypto/openssl/ssl/statem/statem_clnt.c
+++ b/crypto/openssl/ssl/statem/statem_clnt.c
@@ -2462,6 +2462,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
         s->s3->tmp.ctype_len = 0;
         OPENSSL_free(s->pha_context);
         s->pha_context = NULL;
+        s->pha_context_len = 0;
 
         if (!PACKET_get_length_prefixed_1(pkt, &reqctx) ||
             !PACKET_memdup(&reqctx, &s->pha_context, &s->pha_context_len)) {
@@ -2771,16 +2772,17 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt)
     }
     s->ext.ocsp.resp = OPENSSL_malloc(resplen);
     if (s->ext.ocsp.resp == NULL) {
+        s->ext.ocsp.resp_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  ERR_R_MALLOC_FAILURE);
         return 0;
     }
+    s->ext.ocsp.resp_len = resplen;
     if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  SSL_R_LENGTH_MISMATCH);
         return 0;
     }
-    s->ext.ocsp.resp_len = resplen;
 
     return 1;
 }
@@ -2905,6 +2907,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt)
     if (psklen > PSK_MAX_PSK_LEN) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE, ERR_R_INTERNAL_ERROR);
+        psklen = PSK_MAX_PSK_LEN;   /* Avoid overrunning the array on cleanse */
         goto err;
     } else if (psklen == 0) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -3350,9 +3353,11 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
  err:
     OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return 0;
 }
@@ -3427,6 +3432,7 @@ int tls_client_key_exchange_post_work(SSL *s)
  err:
     OPENSSL_clear_free(pms, pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
     return 0;
 }
 
diff --git a/crypto/openssl/ssl/statem/statem_srvr.c b/crypto/openssl/ssl/statem/statem_srvr.c
index cf45a40ce4e3..fec12f613004 100644
--- a/crypto/openssl/ssl/statem/statem_srvr.c
+++ b/crypto/openssl/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -2178,6 +2178,7 @@ int tls_handle_alpn(SSL *s)
             OPENSSL_free(s->s3->alpn_selected);
             s->s3->alpn_selected = OPENSSL_memdup(selected, selected_len);
             if (s->s3->alpn_selected == NULL) {
+                s->s3->alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_HANDLE_ALPN,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -2853,9 +2854,16 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
         if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
             OPENSSL_free(s->pha_context);
             s->pha_context_len = 32;
-            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
-                    || RAND_bytes(s->pha_context, s->pha_context_len) <= 0
-                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL) {
+                s->pha_context_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                         SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+                         ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            if (RAND_bytes(s->pha_context, s->pha_context_len) <= 0
+                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context,
+                                              s->pha_context_len)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
                          ERR_R_INTERNAL_ERROR);
@@ -2969,6 +2977,7 @@ static int tls_process_cke_psk_preamble(SSL *s, PACKET *pkt)
     OPENSSL_cleanse(psk, psklen);
 
     if (s->s3->tmp.psk == NULL) {
+        s->s3->tmp.psklen = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -3508,6 +3517,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return MSG_PROCESS_ERROR;
 }
@@ -4117,6 +4127,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             s->session->ext.alpn_selected =
                 OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
             if (s->session->ext.alpn_selected == NULL) {
+                s->session->ext.alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
                          ERR_R_MALLOC_FAILURE);

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 16:26:42 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2D8B95C3565;
 Thu, 25 Mar 2021 16:26:42 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5r8d6LHzz3qpY;
 Thu, 25 Mar 2021 16:26:41 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C7BEA2433;
 Thu, 25 Mar 2021 16:26:41 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PGQfO7083475;
 Thu, 25 Mar 2021 16:26:41 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PGQfk2083473;
 Thu, 25 Mar 2021 16:26:41 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 16:26:41 GMT
Message-Id: <202103251626.12PGQfk2083473@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 1f84105d7aba - releng/13.0 - OpenSSL: Regen manual pages for
 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 1f84105d7abadc53a7671f83e44607788276406d
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 16:26:42 -0000

The branch releng/13.0 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=1f84105d7abadc53a7671f83e44607788276406d

commit 1f84105d7abadc53a7671f83e44607788276406d
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 16:17:52 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 16:26:08 +0000

    OpenSSL: Regen manual pages for 1.1.1k
    
    (cherry picked from commit 7595394130a163b7ff53d9ef3f28fcb87f629d17)
    
    Approved by:    re (implicit)
---
 secure/lib/libcrypto/Makefile.inc                                     | 4 ++--
 secure/lib/libcrypto/man/man3/ADMISSIONS.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3                | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3                 | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_length.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3                  | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TIME_set.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3                   | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_start_job.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BF_encrypt.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDR.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ctrl.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_base64.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_buffer.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_cipher.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_md.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_ssl.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_find_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_data.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3                  | 2 +-
 secure/lib/libcrypto/man/man3/BIO_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new_CMS.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3                    | 2 +-
 secure/lib/libcrypto/man/man3/BIO_printf.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_push.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_accept.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_bio.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_connect.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_fd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_file.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_mem.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_socket.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_set_callback.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BIO_should_retry.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_BLINDING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_start.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_add.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_add_word.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BN_bn2bin.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BN_cmp.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_copy.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_generate_prime.3                     | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_inverse.3                        | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_montgomery.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_num_bytes.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_rand.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_security_bits.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_set_bit.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_swap.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_zero.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BUF_MEM_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add0_cert.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_recipient_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_signer.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CMS_compress.3                          | 2 +-
 secure/lib/libcrypto/man/man3/CMS_decrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_encrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_final.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_RecipientInfos.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_SignerInfos.3                  | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get1_ReceiptRequest.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign_receipt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/CMS_uncompress.3                        | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify.3                            | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify_receipt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_free.3                     | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_load_file.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_THREAD_run_once.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_get_ex_new_index.3               | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_memcmp.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_get0_log_by_id.3            | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_new.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CT_POLICY_EVAL_CTX_new.3                | 2 +-
 secure/lib/libcrypto/man/man3/DEFINE_STACK_OF.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DES_random_key.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_key.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_parameters.3                | 2 +-
 secure/lib/libcrypto/man/man3/DH_get0_pqg.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_get_1024_160.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_meth_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/DH_new_by_nid.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_set_method.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_size.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_SIG_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_do_sign.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_dup_DH.3                            | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_parameters.3               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_get0_pqg.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_get_data_mtu.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_set_timer_cb.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLSv1_listen.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECDSA_SIG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECPKParameters_print.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GFp_simple_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_copy.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_get_enc_flags.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_add.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/ENGINE_add.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ERR_GET_LIB.3                           | 2 +-
 secure/lib/libcrypto/man/man3/ERR_clear_error.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ERR_error_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_crypto_strings.3               | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_strings.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_print_errors.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_put_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_remove_state.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_set_mark.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_BytesToKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_CTX_get_cipher_data.3        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_meth_new.3                   | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestSignInit.3                    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestVerifyInit.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncodeInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncryptInit.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_MD_meth_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_OpenInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_ASN1_METHOD.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_ctrl.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_hkdf_md.3              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_scrypt_N.3             | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_asn1_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_cmp.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_decrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_derive.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_encrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_get_default_digest_nid.3       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_keygen.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_new.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_print_private.3                | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_set1_RSA.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_sign.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_size.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify_recover.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SealInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SignInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_VerifyInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aes.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aria.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_bf_cbc.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_blake2b512.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_camellia.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_cast5_cbc.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_chacha20.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_des.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_desx_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_idea_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md2.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md5.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_mdc2.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc2_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc5_32_12_16_cbc.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_ripemd160.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_seed_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha1.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha224.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha3_224.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm3.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm4_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_whirlpool.3                         | 2 +-
 secure/lib/libcrypto/man/man3/HMAC.3                                  | 2 +-
 secure/lib/libcrypto/man/man3/MD5.3                                   | 2 +-
 secure/lib/libcrypto/man/man3/MDC2_Init.3                             | 2 +-
 secure/lib/libcrypto/man/man3/OBJ_nid2obj.3                           | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_REQUEST_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_cert_to_id.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_request_add1_nonce.3               | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_resp_find_status.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_response_status.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_sendreq_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_Applink.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_COMPFUNC.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_stats.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_VERSION_NUMBER.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_fork_prepare.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_ia32cap.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_crypto.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_ssl.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_instrument_bus.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_load_builtin_modules.3          | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_malloc.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_secure_malloc.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_INFO.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_LOADER.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_SEARCH.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_expect.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_open.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OpenSSL_add_all_algorithms.3            | 2 +-
 secure/lib/libcrypto/man/man3/PEM_bytes_read_bio.3                    | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_CMS.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_PrivateKey.3               | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_ex.3                       | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_CMS_stream.3              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_PKCS7_stream.3            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_create.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_newpass.3                        | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_parse.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PKCS5_PBKDF2_HMAC.3                     | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_decrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_encrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign.3                            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign_add_signer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_verify.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_generate.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_get0_master.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_reseed.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_callbacks.3               | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_ex_data.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_add.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_bytes.3                            | 2 +-
 secure/lib/libcrypto/man/man3/RAND_cleanup.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_egd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_load_file.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RAND_set_rand_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/RC4_set_key.3                           | 2 +-
 secure/lib/libcrypto/man/man3/RIPEMD160_Init.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_blinding_on.3                       | 2 +-
 secure/lib/libcrypto/man/man3/RSA_check_key.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RSA_get0_key.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/RSA_padding_add_PKCS1_type_1.3          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/RSA_private_encrypt.3                   | 2 +-
 secure/lib/libcrypto/man/man3/RSA_public_encrypt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign_ASN1_OCTET_STRING.3            | 2 +-
 secure/lib/libcrypto/man/man3/RSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SCT_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SCT_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SCT_validate.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SHA256_Init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_CMS.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_PKCS7.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_CMS.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_PKCS7.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CIPHER_get_name.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_COMP_add_compression_method.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set1_prefix.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_flags.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_ssl_ctx.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd_argv.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add1_chain_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_extra_chain_cert.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_session.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_ctrl.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_dane_enable.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_flush_sessions.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_free.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get0_param.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get_verify_mode.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_has_client_custom_ext.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_load_verify_locations.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_number.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_cache_size.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_get_cb.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sessions.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set0_CA_list.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_curves.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_sigalgs.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_verify_cert_store.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_alpn_select_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_cb.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_store.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_verify_callback.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cipher_list.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_cert_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_hello_cb.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ct_validation_callback.3    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ctlog_list_file.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_default_passwd_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ex_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_generate_session_id.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_info_callback.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_keylog_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_max_cert_list.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_min_proto_version.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_mode.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_msg_callback.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_num_tickets.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_options.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_psk_client_callback.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_quiet_shutdown.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_read_ahead.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_record_padding_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_cache_mode.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_id_context.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_ticket_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_split_send_fragment.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ssl_version.3               | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_timeout.3                   | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_tlsext_servername_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_status_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_use_srtp.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tmp_dh_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_verify.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_certificate.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_serverinfo.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_free.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_cipher.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_hostname.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_id_context.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_peer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_compress_id.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_ex_data.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_protocol_version.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_time.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_has_ticket.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_is_resumable.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_print.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_set1_id.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_accept.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alert_type_string.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alloc_buffers.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_check_chain.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_clear.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_do_handshake.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_export_keying_material.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_extension_supported.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_free.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get0_peer_scts.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_SSL_CTX.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_all_async_fds.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_ciphers.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_client_random.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_current_cipher.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_default_timeout.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_extms_support.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_cert_chain.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_certificate.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_signature_nid.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_tmp_key.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_psk_identity.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_rbio.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_shared_sigalgs.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_version.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_in_init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_key_update.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_library_init.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_load_client_CA_file.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_pending.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read_early_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_rstate_string.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_session_reused.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set1_host.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_bio.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_connect_state.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_shutdown.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_shutdown.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_state_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_want.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_write.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_STRING.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_UTIL_read_pw.3                       | 2 +-
 secure/lib/libcrypto/man/man3/UI_create_method.3                      | 2 +-
 secure/lib/libcrypto/man/man3/UI_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/X509V3_get_d2i.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_ALGOR_dup.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_CRL_get0_by_serial.3               | 2 +-
 secure/lib/libcrypto/man/man3/X509_EXTENSION_set_object.3             | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_hash_dir.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_meth_new.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_ENTRY_get_object.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_add_entry_by_txt.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get0_der.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get_index_by_NID.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_print_ex.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_PUBKEY_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_SIG_get0.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_get_error.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_set_verify_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_add_cert.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_get0_param.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_new.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_set_verify_cb_func.3         | 2 +-
 secure/lib/libcrypto/man/man3/X509_VERIFY_PARAM_set_flags.3           | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_ca.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_host.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_issued.3                     | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_private_key.3                | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_purpose.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp_time.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_digest.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_dup.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_notBefore.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_signature.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_uids.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_extension_flags.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_pubkey.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_serialNumber.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_subject_name.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_version.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509_new.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_sign.3                             | 2 +-
 secure/lib/libcrypto/man/man3/X509_verify_cert.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509v3_get_ext_by_NID.3                 | 2 +-
 secure/lib/libcrypto/man/man3/d2i_DHparams.3                          | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PKCS8PrivateKey_bio.3               | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PrivateKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/d2i_SSL_SESSION.3                       | 2 +-
 secure/lib/libcrypto/man/man3/d2i_X509.3                              | 2 +-
 secure/lib/libcrypto/man/man3/i2d_CMS_bio_stream.3                    | 2 +-
 secure/lib/libcrypto/man/man3/i2d_PKCS7_bio_stream.3                  | 2 +-
 secure/lib/libcrypto/man/man3/i2d_re_X509_tbs.3                       | 2 +-
 secure/lib/libcrypto/man/man3/o2i_SCT_LIST.3                          | 2 +-
 secure/lib/libcrypto/man/man5/x509v3_config.5                         | 2 +-
 secure/lib/libcrypto/man/man7/Ed25519.7                               | 2 +-
 secure/lib/libcrypto/man/man7/RAND.7                                  | 2 +-
 secure/lib/libcrypto/man/man7/RAND_DRBG.7                             | 2 +-
 secure/lib/libcrypto/man/man7/RSA-PSS.7                               | 2 +-
 secure/lib/libcrypto/man/man7/SM2.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/X25519.7                                | 2 +-
 secure/lib/libcrypto/man/man7/bio.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ct.7                                    | 2 +-
 secure/lib/libcrypto/man/man7/des_modes.7                             | 2 +-
 secure/lib/libcrypto/man/man7/evp.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store-file.7                       | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store.7                            | 2 +-
 secure/lib/libcrypto/man/man7/passphrase-encoding.7                   | 2 +-
 secure/lib/libcrypto/man/man7/proxy-certificates.7                    | 2 +-
 secure/lib/libcrypto/man/man7/scrypt.7                                | 2 +-
 secure/lib/libcrypto/man/man7/ssl.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/x509.7                                  | 2 +-
 secure/usr.bin/openssl/man/CA.pl.1                                    | 2 +-
 secure/usr.bin/openssl/man/asn1parse.1                                | 2 +-
 secure/usr.bin/openssl/man/ca.1                                       | 2 +-
 secure/usr.bin/openssl/man/ciphers.1                                  | 2 +-
 secure/usr.bin/openssl/man/cms.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl2pkcs7.1                                | 2 +-
 secure/usr.bin/openssl/man/dgst.1                                     | 2 +-
 secure/usr.bin/openssl/man/dhparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/dsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/dsaparam.1                                 | 2 +-
 secure/usr.bin/openssl/man/ec.1                                       | 2 +-
 secure/usr.bin/openssl/man/ecparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/enc.1                                      | 2 +-
 secure/usr.bin/openssl/man/engine.1                                   | 2 +-
 secure/usr.bin/openssl/man/errstr.1                                   | 2 +-
 secure/usr.bin/openssl/man/gendsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/genpkey.1                                  | 2 +-
 secure/usr.bin/openssl/man/genrsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/list.1                                     | 2 +-
 secure/usr.bin/openssl/man/nseq.1                                     | 2 +-
 secure/usr.bin/openssl/man/ocsp.1                                     | 2 +-
 secure/usr.bin/openssl/man/openssl.1                                  | 2 +-
 secure/usr.bin/openssl/man/passwd.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs12.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs7.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkcs8.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkey.1                                     | 2 +-
 secure/usr.bin/openssl/man/pkeyparam.1                                | 2 +-
 secure/usr.bin/openssl/man/pkeyutl.1                                  | 2 +-
 secure/usr.bin/openssl/man/prime.1                                    | 2 +-
 secure/usr.bin/openssl/man/rand.1                                     | 2 +-
 secure/usr.bin/openssl/man/req.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsautl.1                                   | 2 +-
 secure/usr.bin/openssl/man/s_client.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_server.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_time.1                                   | 2 +-
 secure/usr.bin/openssl/man/sess_id.1                                  | 2 +-
 secure/usr.bin/openssl/man/smime.1                                    | 2 +-
 secure/usr.bin/openssl/man/speed.1                                    | 2 +-
 secure/usr.bin/openssl/man/spkac.1                                    | 2 +-
 secure/usr.bin/openssl/man/srp.1                                      | 2 +-
 secure/usr.bin/openssl/man/storeutl.1                                 | 2 +-
 secure/usr.bin/openssl/man/ts.1                                       | 2 +-
 secure/usr.bin/openssl/man/tsget.1                                    | 2 +-
 secure/usr.bin/openssl/man/verify.1                                   | 2 +-
 secure/usr.bin/openssl/man/version.1                                  | 2 +-
 secure/usr.bin/openssl/man/x509.1                                     | 2 +-
 535 files changed, 536 insertions(+), 536 deletions(-)

diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc
index 9860eb2ca4e1..0edeb9098ecd 100644
--- a/secure/lib/libcrypto/Makefile.inc
+++ b/secure/lib/libcrypto/Makefile.inc
@@ -3,8 +3,8 @@
 .include <bsd.own.mk>
 
 # OpenSSL version used for manual page generation
-OPENSSL_VER=	1.1.1j
-OPENSSL_DATE=	2021-02-16
+OPENSSL_VER=	1.1.1k
+OPENSSL_DATE=	2021-03-25
 
 LCRYPTO_SRC=	${SRCTOP}/crypto/openssl
 LCRYPTO_DOC=	${LCRYPTO_SRC}/doc
diff --git a/secure/lib/libcrypto/man/man3/ADMISSIONS.3 b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
index 2720754cf9e8..ad086fb0e8e9 100644
--- a/secure/lib/libcrypto/man/man3/ADMISSIONS.3
+++ b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ADMISSIONS 3"
-.TH ADMISSIONS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ADMISSIONS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3 b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
index 2daf11f19a0d..3c70dcaa8c2d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_INTEGER_GET_INT64 3"
-.TH ASN1_INTEGER_GET_INT64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_INTEGER_GET_INT64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3 b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
index f45f3fdc98ab..04ba1089d333 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_ITEM_LOOKUP 3"
-.TH ASN1_ITEM_LOOKUP 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_ITEM_LOOKUP 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3 b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
index 69678622d9fa..54c7476b7c08 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_OBJECT_NEW 3"
-.TH ASN1_OBJECT_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_OBJECT_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
index 9b9393cc5290..ad1b19c78546 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_TABLE_ADD 3"
-.TH ASN1_STRING_TABLE_ADD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_TABLE_ADD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
index ca15f898e6a8..75de680bb66a 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_LENGTH 3"
-.TH ASN1_STRING_LENGTH 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_LENGTH 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
index e4f6859c186d..76d17e1c6b23 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_NEW 3"
-.TH ASN1_STRING_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
index fbfcf517275f..d072930ec39d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_PRINT_EX 3"
-.TH ASN1_STRING_PRINT_EX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_PRINT_EX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3 b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
index 00b72c375820..0a3564196833 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TIME_SET 3"
-.TH ASN1_TIME_SET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TIME_SET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3 b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
index 4845c5280b6b..bf12e2b90dd2 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TYPE_GET 3"
-.TH ASN1_TYPE_GET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TYPE_GET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3 b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
index ce95ffd0fc29..207255106b3c 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_GENERATE_NCONF 3"
-.TH ASN1_GENERATE_NCONF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_GENERATE_NCONF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3 b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
index b761db6b5b7a..d1e3abb572db 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_WAIT_CTX_NEW 3"
-.TH ASYNC_WAIT_CTX_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_WAIT_CTX_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3 b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
index 03b06aff8fec..b5bb00413452 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_START_JOB 3"
-.TH ASYNC_START_JOB 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_START_JOB 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BF_encrypt.3 b/secure/lib/libcrypto/man/man3/BF_encrypt.3
index 8916feee640f..58cdcb4fc89e 100644
--- a/secure/lib/libcrypto/man/man3/BF_encrypt.3
+++ b/secure/lib/libcrypto/man/man3/BF_encrypt.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BF_ENCRYPT 3"
-.TH BF_ENCRYPT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BF_ENCRYPT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDR.3 b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
index 0dbedbf16b9d..fd492eee9531 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDR.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDR 3"
-.TH BIO_ADDR 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDR 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3 b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
index fb1d199796cb..7d64b051241a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDRINFO 3"
-.TH BIO_ADDRINFO 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDRINFO 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_connect.3 b/secure/lib/libcrypto/man/man3/BIO_connect.3
index 44b80366360d..507289d24595 100644
--- a/secure/lib/libcrypto/man/man3/BIO_connect.3
+++ b/secure/lib/libcrypto/man/man3/BIO_connect.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CONNECT 3"
-.TH BIO_CONNECT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CONNECT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ctrl.3 b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
index 7d90a1a40792..c290cfceab59 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ctrl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CTRL 3"
-.TH BIO_CTRL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CTRL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_base64.3 b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
index 39b94d930d17..14db0fc366a1 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_base64.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BASE64 3"
-.TH BIO_F_BASE64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BASE64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3 b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
index 61cfe1eec579..2cd165a9700d 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BUFFER 3"
-.TH BIO_F_BUFFER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BUFFER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3 b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
index 33e6f6c95c6e..68b32c47dac7 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_CIPHER 3"
-.TH BIO_F_CIPHER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_CIPHER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_md.3 b/secure/lib/libcrypto/man/man3/BIO_f_md.3
index 04c3fdaecc20..2a3dec321113 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_md.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_md.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_MD 3"
-.TH BIO_F_MD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_MD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_null.3 b/secure/lib/libcrypto/man/man3/BIO_f_null.3
index 21225c1e17fe..6d868bd0a10b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_null.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_null.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_NULL 3"
-.TH BIO_F_NULL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_NULL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3 b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
index 02b2bcd5e714..0ff1ecc99f79 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_SSL 3"
-.TH BIO_F_SSL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_SSL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_find_type.3 b/secure/lib/libcrypto/man/man3/BIO_find_type.3
index 579435574865..e4757943b8be 100644
--- a/secure/lib/libcrypto/man/man3/BIO_find_type.3
+++ b/secure/lib/libcrypto/man/man3/BIO_find_type.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_FIND_TYPE 3"
-.TH BIO_FIND_TYPE 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_FIND_TYPE 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_data.3 b/secure/lib/libcrypto/man/man3/BIO_get_data.3
index df2d8f5667dd..5297cc0f2214 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_data.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_data.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_DATA 3"
-.TH BIO_GET_DATA 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_DATA 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3 b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
index 31914a912318..78d970c7267f 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_EX_NEW_INDEX 3"
-.TH BIO_GET_EX_NEW_INDEX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_EX_NEW_INDEX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_meth_new.3 b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
index 5f77a8668b58..8953efaf4441 100644
--- a/secure/lib/libcrypto/man/man3/BIO_meth_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_METH_NEW 3"
-.TH BIO_METH_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_METH_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new.3 b/secure/lib/libcrypto/man/man3/BIO_new.3
index d37e03bbe65f..4d861bfdfa20 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW 3"
-.TH BIO_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3 b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
index 4c5f7a282ced..0c662446b29a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW_CMS 3"
-.TH BIO_NEW_CMS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW_CMS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3 b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
index 89758f5f6b2c..1ab7d109d1fc 100644
--- a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
+++ b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PARSE_HOSTSERV 3"
-.TH BIO_PARSE_HOSTSERV 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PARSE_HOSTSERV 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_printf.3 b/secure/lib/libcrypto/man/man3/BIO_printf.3
index f56b2c28937c..2c3bd3d70180 100644
--- a/secure/lib/libcrypto/man/man3/BIO_printf.3
+++ b/secure/lib/libcrypto/man/man3/BIO_printf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PRINTF 3"
-.TH BIO_PRINTF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PRINTF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_push.3 b/secure/lib/libcrypto/man/man3/BIO_push.3
index 359dfe245ae7..1c5c39143c0b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_push.3
*** 6523 LINES SKIPPED ***

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 17:13:49 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id F37445C4B5E;
 Thu, 25 Mar 2021 17:13:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5sC06RgNz3tsT;
 Thu, 25 Mar 2021 17:13:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CEE982F2F;
 Thu, 25 Mar 2021 17:13:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PHDm1i053499;
 Thu, 25 Mar 2021 17:13:48 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PHDmmu053498;
 Thu, 25 Mar 2021 17:13:48 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 17:13:48 GMT
Message-Id: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 18d07050e60ecc738556f0de56e34817303371a4
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 17:13:49 -0000

The branch stable/12 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=18d07050e60ecc738556f0de56e34817303371a4

commit 18d07050e60ecc738556f0de56e34817303371a4
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 15:45:19 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 17:04:27 +0000

    OpenSSL: Merge OpenSSL 1.1.1k
    
    Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380'
    
    (cherry picked from commit b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
---
 crypto/openssl/CHANGES                       | 44 ++++++++++++++++++++++++++++
 crypto/openssl/NEWS                          |  8 +++++
 crypto/openssl/README                        |  4 +--
 crypto/openssl/apps/s_cb.c                   |  5 ++--
 crypto/openssl/apps/s_time.c                 |  5 ++--
 crypto/openssl/crypto/asn1/asn1_par.c        |  3 +-
 crypto/openssl/crypto/asn1/bio_ndef.c        |  4 ++-
 crypto/openssl/crypto/engine/eng_devcrypto.c | 17 +++++++++--
 crypto/openssl/crypto/evp/evp_enc.c          |  2 +-
 crypto/openssl/crypto/modes/cbc128.c         |  8 +++--
 crypto/openssl/crypto/modes/gcm128.c         |  6 ++--
 crypto/openssl/crypto/o_time.c               |  6 ++--
 crypto/openssl/crypto/rand/rand_lib.c        |  8 +++--
 crypto/openssl/crypto/rsa/rsa_ssl.c          |  2 +-
 crypto/openssl/crypto/x509/x509_vfy.c        | 12 +++++---
 crypto/openssl/include/openssl/opensslv.h    |  6 ++--
 crypto/openssl/ssl/s3_lib.c                  |  7 +++--
 crypto/openssl/ssl/ssl_lib.c                 | 16 +++++++---
 crypto/openssl/ssl/statem/extensions.c       |  4 +++
 crypto/openssl/ssl/statem/extensions_clnt.c  | 16 ++++++++--
 crypto/openssl/ssl/statem/statem_clnt.c      |  8 ++++-
 crypto/openssl/ssl/statem/statem_srvr.c      | 19 +++++++++---
 22 files changed, 166 insertions(+), 44 deletions(-)

diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
index 1ab64b35c9a4..7d0129e68765 100644
--- a/crypto/openssl/CHANGES
+++ b/crypto/openssl/CHANGES
@@ -7,6 +7,50 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
+
+  *) Fixed a problem with verifying a certificate chain when using the
+     X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
+     of the certificates present in a certificate chain. It is not set by
+     default.
+
+     Starting from OpenSSL version 1.1.1h a check to disallow certificates in
+     the chain that have explicitly encoded elliptic curve parameters was added
+     as an additional strict check.
+
+     An error in the implementation of this check meant that the result of a
+     previous check to confirm that certificates in the chain are valid CA
+     certificates was overwritten. This effectively bypasses the check
+     that non-CA certificates must not be able to issue other certificates.
+
+     If a "purpose" has been configured then there is a subsequent opportunity
+     for checks that the certificate is a valid CA.  All of the named "purpose"
+     values implemented in libcrypto perform this check.  Therefore, where
+     a purpose is set the certificate chain will still be rejected even when the
+     strict flag has been used. A purpose is set by default in libssl client and
+     server certificate verification routines, but it can be overridden or
+     removed by an application.
+
+     In order to be affected, an application must explicitly set the
+     X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
+     for the certificate verification or, in the case of TLS client or server
+     applications, override the default purpose.
+     (CVE-2021-3450)
+     [Tomáš Mráz]
+
+  *) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
+     crafted renegotiation ClientHello message from a client. If a TLSv1.2
+     renegotiation ClientHello omits the signature_algorithms extension (where
+     it was present in the initial ClientHello), but includes a
+     signature_algorithms_cert extension then a NULL pointer dereference will
+     result, leading to a crash and a denial of service attack.
+
+     A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
+     (which is the default configuration). OpenSSL TLS clients are not impacted
+     by this issue.
+     (CVE-2021-3449)
+     [Peter Kästle and Samuel Sapalski]
+
  Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
 
   *) Fixed the X509_issuer_and_serial_hash() function. It attempts to
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
index 3cce52506645..05991a0c214a 100644
--- a/crypto/openssl/NEWS
+++ b/crypto/openssl/NEWS
@@ -5,6 +5,14 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
+
+      o Fixed a problem with verifying a certificate chain when using the
+        X509_V_FLAG_X509_STRICT flag (CVE-2021-3450)
+      o Fixed an issue where an OpenSSL TLS server may crash if sent a
+        maliciously crafted renegotiation ClientHello message from a client
+        (CVE-2021-3449)
+
   Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
 
       o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
diff --git a/crypto/openssl/README b/crypto/openssl/README
index da5629f92c81..b92a8bd3a4b5 100644
--- a/crypto/openssl/README
+++ b/crypto/openssl/README
@@ -1,7 +1,7 @@
 
- OpenSSL 1.1.1j 16 Feb 2021
+ OpenSSL 1.1.1k 25 Mar 2021
 
- Copyright (c) 1998-2020 The OpenSSL Project
+ Copyright (c) 1998-2021 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 
diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c
index 6406ddfb9e1b..dee1b2e5b4f6 100644
--- a/crypto/openssl/apps/s_cb.c
+++ b/crypto/openssl/apps/s_cb.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -934,7 +934,8 @@ static int set_cert_cb(SSL *ssl, void *arg)
                 if (!SSL_build_cert_chain(ssl, 0))
                     return 0;
             } else if (exc->chain != NULL) {
-                SSL_set1_chain(ssl, exc->chain);
+                if (!SSL_set1_chain(ssl, exc->chain))
+                    return 0;
             }
         }
         exc = exc->prev;
diff --git a/crypto/openssl/apps/s_time.c b/crypto/openssl/apps/s_time.c
index 628e65b26e19..1235e545c20a 100644
--- a/crypto/openssl/apps/s_time.c
+++ b/crypto/openssl/apps/s_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -263,7 +263,8 @@ int s_time_main(int argc, char **argv)
          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
     printf
         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
-         nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
+         nConn, (long)time(NULL) - finishtime + maxtime,
+         nConn > 0 ? bytes_read / nConn : 0l);
 
     /*
      * Now loop and time connections using the same session id over and over
diff --git a/crypto/openssl/crypto/asn1/asn1_par.c b/crypto/openssl/crypto/asn1/asn1_par.c
index 3f10c7cb94c5..a32fa47f2206 100644
--- a/crypto/openssl/crypto/asn1/asn1_par.c
+++ b/crypto/openssl/crypto/asn1/asn1_par.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -325,6 +325,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                 }
                 if (BIO_puts(bp, "]") <= 0)
                     goto end;
+                dump_cont = 0;
             }
 
             if (!nl) {
diff --git a/crypto/openssl/crypto/asn1/bio_ndef.c b/crypto/openssl/crypto/asn1/bio_ndef.c
index 6222c99074de..d7d7d80eea91 100644
--- a/crypto/openssl/crypto/asn1/bio_ndef.c
+++ b/crypto/openssl/crypto/asn1/bio_ndef.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -113,6 +113,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
     ndef_aux = *(NDEF_SUPPORT **)parg;
 
     derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    if (derlen < 0)
+        return 0;
     if ((p = OPENSSL_malloc(derlen)) == NULL) {
         ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE);
         return 0;
diff --git a/crypto/openssl/crypto/engine/eng_devcrypto.c b/crypto/openssl/crypto/engine/eng_devcrypto.c
index d2008013df43..50e88e9ecdfc 100644
--- a/crypto/openssl/crypto/engine/eng_devcrypto.c
+++ b/crypto/openssl/crypto/engine/eng_devcrypto.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -756,12 +756,25 @@ static int devcrypto_unload(ENGINE *e)
 void engine_load_devcrypto_int()
 {
     ENGINE *e = NULL;
+    int fd;
 
-    if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+    if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
             fprintf(stderr, "Could not open /dev/crypto: %s\n", strerror(errno));
         return;
     }
 
+#ifdef CRIOGET
+    if (ioctl(fd, CRIOGET, &cfd) < 0) {
+        fprintf(stderr, "Could not create crypto fd: %s\n", strerror(errno));
+        close(fd);
+        cfd = -1;
+        return;
+    }
+    close(fd);
+#else
+    cfd = fd;
+#endif
+
     if ((e = ENGINE_new()) == NULL
         || !ENGINE_set_destroy_function(e, devcrypto_unload)) {
         ENGINE_free(e);
diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c
index 0843caf4f0a4..e3c165d48e08 100644
--- a/crypto/openssl/crypto/evp/evp_enc.c
+++ b/crypto/openssl/crypto/evp/evp_enc.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/modes/cbc128.c b/crypto/openssl/crypto/modes/cbc128.c
index c85e37c6a546..15a14be70872 100644
--- a/crypto/openssl/crypto/modes/cbc128.c
+++ b/crypto/openssl/crypto/modes/cbc128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -69,7 +69,8 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
         in += 16;
         out += 16;
     }
-    memcpy(ivec, iv, 16);
+    if (ivec != iv)
+        memcpy(ivec, iv, 16);
 }
 
 void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
@@ -114,7 +115,8 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
                 out += 16;
             }
         }
-        memcpy(ivec, iv, 16);
+        if (ivec != iv)
+            memcpy(ivec, iv, 16);
     } else {
         if (STRICT_ALIGNMENT &&
             ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
diff --git a/crypto/openssl/crypto/modes/gcm128.c b/crypto/openssl/crypto/modes/gcm128.c
index 0c0bf3cda5b5..8304efff48be 100644
--- a/crypto/openssl/crypto/modes/gcm128.c
+++ b/crypto/openssl/crypto/modes/gcm128.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -1385,8 +1385,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
                 else
                     ctx->Yi.d[3] = ctr;
                 for (i = 0; i < 16 / sizeof(size_t); ++i) {
-                    size_t c = in[i];
-                    out[i] = c ^ ctx->EKi.t[i];
+                    size_t c = in_t[i];
+                    out_t[i] = c ^ ctx->EKi.t[i];
                     ctx->Xi.t[i] ^= c;
                 }
                 GCM_MUL(ctx);
diff --git a/crypto/openssl/crypto/o_time.c b/crypto/openssl/crypto/o_time.c
index 3502edda6238..3fa70c45af83 100644
--- a/crypto/openssl/crypto/o_time.c
+++ b/crypto/openssl/crypto/o_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -133,8 +133,8 @@ int OPENSSL_gmtime_diff(int *pday, int *psec,
 static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
                       long *pday, int *psec)
 {
-    int offset_hms, offset_day;
-    long time_jd;
+    int offset_hms;
+    long offset_day, time_jd;
     int time_year, time_month, time_day;
     /* split offset into days and day seconds */
     offset_day = offset_sec / SECS_PER_DAY;
diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_lib.c
index ba3a29e58468..5c72fad8ca26 100644
--- a/crypto/openssl/crypto/rand/rand_lib.c
+++ b/crypto/openssl/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -432,9 +432,13 @@ err:
 RAND_POOL *rand_pool_new(int entropy_requested, int secure,
                          size_t min_len, size_t max_len)
 {
-    RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool));
+    RAND_POOL *pool;
     size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure);
 
+    if (!RUN_ONCE(&rand_init, do_rand_init))
+        return NULL;
+
+    pool = OPENSSL_zalloc(sizeof(*pool));
     if (pool == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
diff --git a/crypto/openssl/crypto/rsa/rsa_ssl.c b/crypto/openssl/crypto/rsa/rsa_ssl.c
index ecdb3cee1fa3..e1c755ae460b 100644
--- a/crypto/openssl/crypto/rsa/rsa_ssl.c
+++ b/crypto/openssl/crypto/rsa/rsa_ssl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c
index 0c71b2e8b4ad..20a36e763c5d 100644
--- a/crypto/openssl/crypto/x509/x509_vfy.c
+++ b/crypto/openssl/crypto/x509/x509_vfy.c
@@ -524,15 +524,19 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
                 ret = 1;
             break;
         }
-        if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
+        if (ret > 0
+            && (ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
             /* Check for presence of explicit elliptic curve parameters */
             ret = check_curve(x);
-            if (ret < 0)
+            if (ret < 0) {
                 ctx->error = X509_V_ERR_UNSPECIFIED;
-            else if (ret == 0)
+                ret = 0;
+            } else if (ret == 0) {
                 ctx->error = X509_V_ERR_EC_KEY_EXPLICIT_PARAMS;
+            }
         }
-        if ((x->ex_flags & EXFLAG_CA) == 0
+        if (ret > 0
+            && (x->ex_flags & EXFLAG_CA) == 0
             && x->ex_pathlen != -1
             && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
             ctx->error = X509_V_ERR_INVALID_EXTENSION;
diff --git a/crypto/openssl/include/openssl/opensslv.h b/crypto/openssl/include/openssl/opensslv.h
index c5f92dac8f8d..e7aa93096c2f 100644
--- a/crypto/openssl/include/openssl/opensslv.h
+++ b/crypto/openssl/include/openssl/opensslv.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x101010afL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1j-freebsd  16 Feb 2021"
+# define OPENSSL_VERSION_NUMBER  0x101010bfL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1k-freebsd  25 Mar 2021"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index 4511b52c9afc..b256a4b93503 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -4629,6 +4629,7 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
 
         OPENSSL_clear_free(s->s3->tmp.psk, psklen);
         s->s3->tmp.psk = NULL;
+        s->s3->tmp.psklen = 0;
         if (!s->method->ssl3_enc->generate_master_secret(s,
                     s->session->master_key, pskpms, pskpmslen,
                     &s->session->master_key_length)) {
@@ -4658,8 +4659,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
         else
             OPENSSL_cleanse(pms, pmslen);
     }
-    if (s->server == 0)
+    if (s->server == 0) {
         s->s3->tmp.pms = NULL;
+        s->s3->tmp.pmslen = 0;
+    }
     return ret;
 }
 
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index 98057921f840..58f8f3c14cfa 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -779,8 +779,10 @@ SSL *SSL_new(SSL_CTX *ctx)
         s->ext.ecpointformats =
             OPENSSL_memdup(ctx->ext.ecpointformats,
                            ctx->ext.ecpointformats_len);
-        if (!s->ext.ecpointformats)
+        if (!s->ext.ecpointformats) {
+            s->ext.ecpointformats_len = 0;
             goto err;
+        }
         s->ext.ecpointformats_len =
             ctx->ext.ecpointformats_len;
     }
@@ -789,8 +791,10 @@ SSL *SSL_new(SSL_CTX *ctx)
             OPENSSL_memdup(ctx->ext.supportedgroups,
                            ctx->ext.supportedgroups_len
                                 * sizeof(*ctx->ext.supportedgroups));
-        if (!s->ext.supportedgroups)
+        if (!s->ext.supportedgroups) {
+            s->ext.supportedgroups_len = 0;
             goto err;
+        }
         s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
     }
 #endif
@@ -800,8 +804,10 @@ SSL *SSL_new(SSL_CTX *ctx)
 
     if (s->ctx->ext.alpn) {
         s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
-        if (s->ext.alpn == NULL)
+        if (s->ext.alpn == NULL) {
+            s->ext.alpn_len = 0;
             goto err;
+        }
         memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
         s->ext.alpn_len = s->ctx->ext.alpn_len;
     }
@@ -2834,6 +2840,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
     OPENSSL_free(ctx->ext.alpn);
     ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ctx->ext.alpn == NULL) {
+        ctx->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
@@ -2853,6 +2860,7 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
     OPENSSL_free(ssl->ext.alpn);
     ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ssl->ext.alpn == NULL) {
+        ssl->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
diff --git a/crypto/openssl/ssl/statem/extensions.c b/crypto/openssl/ssl/statem/extensions.c
index 9f51a6eb28d9..e1a3b1db67a1 100644
--- a/crypto/openssl/ssl/statem/extensions.c
+++ b/crypto/openssl/ssl/statem/extensions.c
@@ -336,6 +336,8 @@ static const EXTENSION_DEFINITION ext_defs[] = {
         tls_construct_stoc_key_share, tls_construct_ctos_key_share,
         final_key_share
     },
+#else
+    INVALID_EXTENSION,
 #endif
     {
         /* Must be after key_share */
@@ -1137,6 +1139,7 @@ static int init_sig_algs(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
+    s->s3->tmp.peer_sigalgslen = 0;
 
     return 1;
 }
@@ -1146,6 +1149,7 @@ static int init_sig_algs_cert(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
     s->s3->tmp.peer_cert_sigalgs = NULL;
+    s->s3->tmp.peer_cert_sigalgslen = 0;
 
     return 1;
 }
diff --git a/crypto/openssl/ssl/statem/extensions_clnt.c b/crypto/openssl/ssl/statem/extensions_clnt.c
index bcce0f1d9534..ce8a75794c3a 100644
--- a/crypto/openssl/ssl/statem/extensions_clnt.c
+++ b/crypto/openssl/ssl/statem/extensions_clnt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -816,6 +816,7 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
         OPENSSL_free(s->psksession_id);
         s->psksession_id = OPENSSL_memdup(id, idlen);
         if (s->psksession_id == NULL) {
+            s->psksession_id_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
@@ -1375,6 +1376,7 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
         OPENSSL_free(s->ext.peer_ecpointformats);
         s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
         if (s->ext.peer_ecpointformats == NULL) {
+            s->ext.peer_ecpointformats_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -1492,8 +1494,13 @@ int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->ext.scts_len = (uint16_t)size;
         if (size > 0) {
             s->ext.scts = OPENSSL_malloc(size);
-            if (s->ext.scts == NULL
-                    || !PACKET_copy_bytes(pkt, s->ext.scts, size)) {
+            if (s->ext.scts == NULL) {
+                s->ext.scts_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
+                         ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -1592,6 +1599,7 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->ext.npn);
     s->ext.npn = OPENSSL_malloc(selected_len);
     if (s->ext.npn == NULL) {
+        s->ext.npn_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_NPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1632,6 +1640,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->s3->alpn_selected);
     s->s3->alpn_selected = OPENSSL_malloc(len);
     if (s->s3->alpn_selected == NULL) {
+        s->s3->alpn_selected_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1663,6 +1672,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->session->ext.alpn_selected =
             OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
         if (s->session->ext.alpn_selected == NULL) {
+            s->session->ext.alpn_selected_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                      ERR_R_INTERNAL_ERROR);
             return 0;
diff --git a/crypto/openssl/ssl/statem/statem_clnt.c b/crypto/openssl/ssl/statem/statem_clnt.c
index d84cc0460f4e..de58f1a4b7e9 100644
--- a/crypto/openssl/ssl/statem/statem_clnt.c
+++ b/crypto/openssl/ssl/statem/statem_clnt.c
@@ -2462,6 +2462,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
         s->s3->tmp.ctype_len = 0;
         OPENSSL_free(s->pha_context);
         s->pha_context = NULL;
+        s->pha_context_len = 0;
 
         if (!PACKET_get_length_prefixed_1(pkt, &reqctx) ||
             !PACKET_memdup(&reqctx, &s->pha_context, &s->pha_context_len)) {
@@ -2771,16 +2772,17 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt)
     }
     s->ext.ocsp.resp = OPENSSL_malloc(resplen);
     if (s->ext.ocsp.resp == NULL) {
+        s->ext.ocsp.resp_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  ERR_R_MALLOC_FAILURE);
         return 0;
     }
+    s->ext.ocsp.resp_len = resplen;
     if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  SSL_R_LENGTH_MISMATCH);
         return 0;
     }
-    s->ext.ocsp.resp_len = resplen;
 
     return 1;
 }
@@ -2905,6 +2907,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt)
     if (psklen > PSK_MAX_PSK_LEN) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE, ERR_R_INTERNAL_ERROR);
+        psklen = PSK_MAX_PSK_LEN;   /* Avoid overrunning the array on cleanse */
         goto err;
     } else if (psklen == 0) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -3350,9 +3353,11 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
  err:
     OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return 0;
 }
@@ -3427,6 +3432,7 @@ int tls_client_key_exchange_post_work(SSL *s)
  err:
     OPENSSL_clear_free(pms, pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
     return 0;
 }
 
diff --git a/crypto/openssl/ssl/statem/statem_srvr.c b/crypto/openssl/ssl/statem/statem_srvr.c
index cf45a40ce4e3..fec12f613004 100644
--- a/crypto/openssl/ssl/statem/statem_srvr.c
+++ b/crypto/openssl/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -2178,6 +2178,7 @@ int tls_handle_alpn(SSL *s)
             OPENSSL_free(s->s3->alpn_selected);
             s->s3->alpn_selected = OPENSSL_memdup(selected, selected_len);
             if (s->s3->alpn_selected == NULL) {
+                s->s3->alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_HANDLE_ALPN,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -2853,9 +2854,16 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
         if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
             OPENSSL_free(s->pha_context);
             s->pha_context_len = 32;
-            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
-                    || RAND_bytes(s->pha_context, s->pha_context_len) <= 0
-                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL) {
+                s->pha_context_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                         SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+                         ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            if (RAND_bytes(s->pha_context, s->pha_context_len) <= 0
+                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context,
+                                              s->pha_context_len)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
                          ERR_R_INTERNAL_ERROR);
@@ -2969,6 +2977,7 @@ static int tls_process_cke_psk_preamble(SSL *s, PACKET *pkt)
     OPENSSL_cleanse(psk, psklen);
 
     if (s->s3->tmp.psk == NULL) {
+        s->s3->tmp.psklen = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -3508,6 +3517,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return MSG_PROCESS_ERROR;
 }
@@ -4117,6 +4127,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             s->session->ext.alpn_selected =
                 OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
             if (s->session->ext.alpn_selected == NULL) {
+                s->session->ext.alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
                          ERR_R_MALLOC_FAILURE);

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 17:13:50 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 624045C4E99;
 Thu, 25 Mar 2021 17:13:50 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5sC223csz3tvc;
 Thu, 25 Mar 2021 17:13:50 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 38F2B2F30;
 Thu, 25 Mar 2021 17:13:50 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PHDogI053522;
 Thu, 25 Mar 2021 17:13:50 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PHDnFc053521;
 Thu, 25 Mar 2021 17:13:49 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 17:13:49 GMT
Message-Id: <202103251713.12PHDnFc053521@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jung-uk Kim <jkim@FreeBSD.org>
Subject: git: 2225c9780afa - stable/12 - OpenSSL: Regen manual pages for 1.1.1k
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jkim
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 2225c9780afa0f02f02a69b78f9e9bc2f0ac18bc
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 17:13:50 -0000

The branch stable/12 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=2225c9780afa0f02f02a69b78f9e9bc2f0ac18bc

commit 2225c9780afa0f02f02a69b78f9e9bc2f0ac18bc
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2021-03-25 16:17:52 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2021-03-25 17:13:25 +0000

    OpenSSL: Regen manual pages for 1.1.1k
    
    (cherry picked from commit 7595394130a163b7ff53d9ef3f28fcb87f629d17)
---
 secure/lib/libcrypto/Makefile.inc                                     | 4 ++--
 secure/lib/libcrypto/man/man3/ADMISSIONS.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3                | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3                 | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_length.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3                  | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TIME_set.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3                   | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/ASYNC_start_job.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BF_encrypt.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDR.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_ctrl.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_base64.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_buffer.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_cipher.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_md.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_f_ssl.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_find_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_data.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3                  | 2 +-
 secure/lib/libcrypto/man/man3/BIO_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BIO_new_CMS.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3                    | 2 +-
 secure/lib/libcrypto/man/man3/BIO_printf.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_push.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_accept.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_bio.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_connect.3                         | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_fd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_file.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_mem.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_null.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BIO_s_socket.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BIO_set_callback.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BIO_should_retry.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_BLINDING_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_CTX_start.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_add.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_add_word.3                           | 2 +-
 secure/lib/libcrypto/man/man3/BN_bn2bin.3                             | 2 +-
 secure/lib/libcrypto/man/man3/BN_cmp.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_copy.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_generate_prime.3                     | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_inverse.3                        | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_montgomery.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3                 | 2 +-
 secure/lib/libcrypto/man/man3/BN_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/BN_num_bytes.3                          | 2 +-
 secure/lib/libcrypto/man/man3/BN_rand.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_security_bits.3                      | 2 +-
 secure/lib/libcrypto/man/man3/BN_set_bit.3                            | 2 +-
 secure/lib/libcrypto/man/man3/BN_swap.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BN_zero.3                               | 2 +-
 secure/lib/libcrypto/man/man3/BUF_MEM_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add0_cert.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_recipient_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_add1_signer.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CMS_compress.3                          | 2 +-
 secure/lib/libcrypto/man/man3/CMS_decrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_encrypt.3                           | 2 +-
 secure/lib/libcrypto/man/man3/CMS_final.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_RecipientInfos.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_SignerInfos.3                  | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get0_type.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CMS_get1_ReceiptRequest.3               | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/CMS_sign_receipt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/CMS_uncompress.3                        | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify.3                            | 2 +-
 secure/lib/libcrypto/man/man3/CMS_verify_receipt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_free.3                     | 2 +-
 secure/lib/libcrypto/man/man3/CONF_modules_load_file.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_THREAD_run_once.3                | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_get_ex_new_index.3               | 2 +-
 secure/lib/libcrypto/man/man3/CRYPTO_memcmp.3                         | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_get0_log_by_id.3            | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_STORE_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/CTLOG_new.3                             | 2 +-
 secure/lib/libcrypto/man/man3/CT_POLICY_EVAL_CTX_new.3                | 2 +-
 secure/lib/libcrypto/man/man3/DEFINE_STACK_OF.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DES_random_key.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_key.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_generate_parameters.3                | 2 +-
 secure/lib/libcrypto/man/man3/DH_get0_pqg.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_get_1024_160.3                       | 2 +-
 secure/lib/libcrypto/man/man3/DH_meth_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DH_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/DH_new_by_nid.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_set_method.3                         | 2 +-
 secure/lib/libcrypto/man/man3/DH_size.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_SIG_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_do_sign.3                           | 2 +-
 secure/lib/libcrypto/man/man3/DSA_dup_DH.3                            | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/DSA_generate_parameters.3               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_get0_pqg.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/DSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/DSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/DSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_get_data_mtu.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLS_set_timer_cb.3                     | 2 +-
 secure/lib/libcrypto/man/man3/DTLSv1_listen.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECDSA_SIG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ECPKParameters_print.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GFp_simple_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_copy.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EC_GROUP_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_get_enc_flags.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EC_KEY_new.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_add.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EC_POINT_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/ENGINE_add.3                            | 2 +-
 secure/lib/libcrypto/man/man3/ERR_GET_LIB.3                           | 2 +-
 secure/lib/libcrypto/man/man3/ERR_clear_error.3                       | 2 +-
 secure/lib/libcrypto/man/man3/ERR_error_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_crypto_strings.3               | 2 +-
 secure/lib/libcrypto/man/man3/ERR_load_strings.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_print_errors.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_put_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/ERR_remove_state.3                      | 2 +-
 secure/lib/libcrypto/man/man3/ERR_set_mark.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_BytesToKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_CTX_get_cipher_data.3        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_CIPHER_meth_new.3                   | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestSignInit.3                    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_DigestVerifyInit.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncodeInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_EncryptInit.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_MD_meth_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_OpenInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_ASN1_METHOD.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_ctrl.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_hkdf_md.3              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3    | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_scrypt_N.3             | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_asn1_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_cmp.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_decrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_derive.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_encrypt.3                      | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_get_default_digest_nid.3       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_keygen.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_get_count.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_meth_new.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_print_private.3                | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_set1_RSA.3                     | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_sign.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_size.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify.3                       | 2 +-
 secure/lib/libcrypto/man/man3/EVP_PKEY_verify_recover.3               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SealInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_SignInit.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_VerifyInit.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aes.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_aria.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_bf_cbc.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_blake2b512.3                        | 2 +-
 secure/lib/libcrypto/man/man3/EVP_camellia.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_cast5_cbc.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_chacha20.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_des.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_desx_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_idea_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md2.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_md5.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_mdc2.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc2_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc4.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_rc5_32_12_16_cbc.3                  | 2 +-
 secure/lib/libcrypto/man/man3/EVP_ripemd160.3                         | 2 +-
 secure/lib/libcrypto/man/man3/EVP_seed_cbc.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha1.3                              | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha224.3                            | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sha3_224.3                          | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm3.3                               | 2 +-
 secure/lib/libcrypto/man/man3/EVP_sm4_cbc.3                           | 2 +-
 secure/lib/libcrypto/man/man3/EVP_whirlpool.3                         | 2 +-
 secure/lib/libcrypto/man/man3/HMAC.3                                  | 2 +-
 secure/lib/libcrypto/man/man3/MD5.3                                   | 2 +-
 secure/lib/libcrypto/man/man3/MDC2_Init.3                             | 2 +-
 secure/lib/libcrypto/man/man3/OBJ_nid2obj.3                           | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_REQUEST_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_cert_to_id.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_request_add1_nonce.3               | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_resp_find_status.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_response_status.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OCSP_sendreq_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_Applink.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_COMPFUNC.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_LH_stats.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_VERSION_NUMBER.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_fork_prepare.3                  | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_ia32cap.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_crypto.3                   | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_init_ssl.3                      | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_instrument_bus.3                | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_load_builtin_modules.3          | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_malloc.3                        | 2 +-
 secure/lib/libcrypto/man/man3/OPENSSL_secure_malloc.3                 | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_INFO.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_LOADER.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_SEARCH.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_expect.3                     | 2 +-
 secure/lib/libcrypto/man/man3/OSSL_STORE_open.3                       | 2 +-
 secure/lib/libcrypto/man/man3/OpenSSL_add_all_algorithms.3            | 2 +-
 secure/lib/libcrypto/man/man3/PEM_bytes_read_bio.3                    | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_CMS.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_PrivateKey.3               | 2 +-
 secure/lib/libcrypto/man/man3/PEM_read_bio_ex.3                       | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_CMS_stream.3              | 2 +-
 secure/lib/libcrypto/man/man3/PEM_write_bio_PKCS7_stream.3            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_create.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_newpass.3                        | 2 +-
 secure/lib/libcrypto/man/man3/PKCS12_parse.3                          | 2 +-
 secure/lib/libcrypto/man/man3/PKCS5_PBKDF2_HMAC.3                     | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_decrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_encrypt.3                         | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign.3                            | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_sign_add_signer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/PKCS7_verify.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_generate.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_get0_master.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_new.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_reseed.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_callbacks.3               | 2 +-
 secure/lib/libcrypto/man/man3/RAND_DRBG_set_ex_data.3                 | 2 +-
 secure/lib/libcrypto/man/man3/RAND_add.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_bytes.3                            | 2 +-
 secure/lib/libcrypto/man/man3/RAND_cleanup.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RAND_egd.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RAND_load_file.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RAND_set_rand_method.3                  | 2 +-
 secure/lib/libcrypto/man/man3/RC4_set_key.3                           | 2 +-
 secure/lib/libcrypto/man/man3/RIPEMD160_Init.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_blinding_on.3                       | 2 +-
 secure/lib/libcrypto/man/man3/RSA_check_key.3                         | 2 +-
 secure/lib/libcrypto/man/man3/RSA_generate_key.3                      | 2 +-
 secure/lib/libcrypto/man/man3/RSA_get0_key.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_meth_new.3                          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/RSA_padding_add_PKCS1_type_1.3          | 2 +-
 secure/lib/libcrypto/man/man3/RSA_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/RSA_private_encrypt.3                   | 2 +-
 secure/lib/libcrypto/man/man3/RSA_public_encrypt.3                    | 2 +-
 secure/lib/libcrypto/man/man3/RSA_set_method.3                        | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign.3                              | 2 +-
 secure/lib/libcrypto/man/man3/RSA_sign_ASN1_OCTET_STRING.3            | 2 +-
 secure/lib/libcrypto/man/man3/RSA_size.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SCT_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SCT_print.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SCT_validate.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SHA256_Init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_CMS.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_read_PKCS7.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_CMS.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SMIME_write_PKCS7.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CIPHER_get_name.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_COMP_add_compression_method.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_new.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set1_prefix.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_flags.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_ssl_ctx.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CONF_cmd_argv.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add1_chain_cert.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_extra_chain_cert.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_add_session.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_config.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_ctrl.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_dane_enable.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_flush_sessions.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_free.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get0_param.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_get_verify_mode.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_has_client_custom_ext.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_load_verify_locations.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_new.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_number.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_cache_size.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_get_cb.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_sessions.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set0_CA_list.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_curves.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_sigalgs.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set1_verify_cert_store.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_alpn_select_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_cb.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_store.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_verify_callback.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_cipher_list.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_cert_cb.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_client_hello_cb.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ct_validation_callback.3    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ctlog_list_file.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_default_passwd_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ex_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_generate_session_id.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_info_callback.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_keylog_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_max_cert_list.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_min_proto_version.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_mode.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_msg_callback.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_num_tickets.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_options.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_psk_client_callback.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_quiet_shutdown.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_read_ahead.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_record_padding_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_cache_mode.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_id_context.3        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_session_ticket_cb.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_split_send_fragment.3       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_ssl_version.3               | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_timeout.3                   | 2 +-
 .../lib/libcrypto/man/man3/SSL_CTX_set_tlsext_servername_callback.3   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_status_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_use_srtp.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_tmp_dh_callback.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_set_verify.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_certificate.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_CTX_use_serverinfo.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_free.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_cipher.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_hostname.3             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_id_context.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get0_peer.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_compress_id.3           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_ex_data.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_protocol_version.3      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_get_time.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_has_ticket.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_is_resumable.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_print.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_SESSION_set1_id.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_accept.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alert_type_string.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_alloc_buffers.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_check_chain.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_clear.3                             | 2 +-
 secure/lib/libcrypto/man/man3/SSL_connect.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_do_handshake.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_export_keying_material.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_extension_supported.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_free.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get0_peer_scts.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_SSL_CTX.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_all_async_fds.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_ciphers.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_client_random.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_current_cipher.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_default_timeout.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_error.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_extms_support.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_cert_chain.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_certificate.3              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_signature_nid.3            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_peer_tmp_key.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_psk_identity.3                  | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_rbio.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_shared_sigalgs.3                | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_get_version.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_in_init.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_key_update.3                        | 2 +-
 secure/lib/libcrypto/man/man3/SSL_library_init.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_load_client_CA_file.3               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_new.3                               | 2 +-
 secure/lib/libcrypto/man/man3/SSL_pending.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_read_early_data.3                   | 2 +-
 secure/lib/libcrypto/man/man3/SSL_rstate_string.3                     | 2 +-
 secure/lib/libcrypto/man/man3/SSL_session_reused.3                    | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set1_host.3                         | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_bio.3                           | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_connect_state.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_fd.3                            | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_session.3                       | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_shutdown.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_set_verify_result.3                 | 2 +-
 secure/lib/libcrypto/man/man3/SSL_shutdown.3                          | 2 +-
 secure/lib/libcrypto/man/man3/SSL_state_string.3                      | 2 +-
 secure/lib/libcrypto/man/man3/SSL_want.3                              | 2 +-
 secure/lib/libcrypto/man/man3/SSL_write.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_STRING.3                             | 2 +-
 secure/lib/libcrypto/man/man3/UI_UTIL_read_pw.3                       | 2 +-
 secure/lib/libcrypto/man/man3/UI_create_method.3                      | 2 +-
 secure/lib/libcrypto/man/man3/UI_new.3                                | 2 +-
 secure/lib/libcrypto/man/man3/X509V3_get_d2i.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_ALGOR_dup.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_CRL_get0_by_serial.3               | 2 +-
 secure/lib/libcrypto/man/man3/X509_EXTENSION_set_object.3             | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_hash_dir.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_LOOKUP_meth_new.3                  | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_ENTRY_get_object.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_add_entry_by_txt.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get0_der.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_get_index_by_NID.3            | 2 +-
 secure/lib/libcrypto/man/man3/X509_NAME_print_ex.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_PUBKEY_new.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_SIG_get0.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_get_error.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_new.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_CTX_set_verify_cb.3          | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_add_cert.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_get0_param.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_new.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_STORE_set_verify_cb_func.3         | 2 +-
 secure/lib/libcrypto/man/man3/X509_VERIFY_PARAM_set_flags.3           | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_ca.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_host.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_issued.3                     | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_private_key.3                | 2 +-
 secure/lib/libcrypto/man/man3/X509_check_purpose.3                    | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_cmp_time.3                         | 2 +-
 secure/lib/libcrypto/man/man3/X509_digest.3                           | 2 +-
 secure/lib/libcrypto/man/man3/X509_dup.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_notBefore.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_signature.3                   | 2 +-
 secure/lib/libcrypto/man/man3/X509_get0_uids.3                        | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_extension_flags.3              | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_pubkey.3                       | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_serialNumber.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_subject_name.3                 | 2 +-
 secure/lib/libcrypto/man/man3/X509_get_version.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509_new.3                              | 2 +-
 secure/lib/libcrypto/man/man3/X509_sign.3                             | 2 +-
 secure/lib/libcrypto/man/man3/X509_verify_cert.3                      | 2 +-
 secure/lib/libcrypto/man/man3/X509v3_get_ext_by_NID.3                 | 2 +-
 secure/lib/libcrypto/man/man3/d2i_DHparams.3                          | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PKCS8PrivateKey_bio.3               | 2 +-
 secure/lib/libcrypto/man/man3/d2i_PrivateKey.3                        | 2 +-
 secure/lib/libcrypto/man/man3/d2i_SSL_SESSION.3                       | 2 +-
 secure/lib/libcrypto/man/man3/d2i_X509.3                              | 2 +-
 secure/lib/libcrypto/man/man3/i2d_CMS_bio_stream.3                    | 2 +-
 secure/lib/libcrypto/man/man3/i2d_PKCS7_bio_stream.3                  | 2 +-
 secure/lib/libcrypto/man/man3/i2d_re_X509_tbs.3                       | 2 +-
 secure/lib/libcrypto/man/man3/o2i_SCT_LIST.3                          | 2 +-
 secure/lib/libcrypto/man/man5/x509v3_config.5                         | 2 +-
 secure/lib/libcrypto/man/man7/Ed25519.7                               | 2 +-
 secure/lib/libcrypto/man/man7/RAND.7                                  | 2 +-
 secure/lib/libcrypto/man/man7/RAND_DRBG.7                             | 2 +-
 secure/lib/libcrypto/man/man7/RSA-PSS.7                               | 2 +-
 secure/lib/libcrypto/man/man7/SM2.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/X25519.7                                | 2 +-
 secure/lib/libcrypto/man/man7/bio.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ct.7                                    | 2 +-
 secure/lib/libcrypto/man/man7/des_modes.7                             | 2 +-
 secure/lib/libcrypto/man/man7/evp.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store-file.7                       | 2 +-
 secure/lib/libcrypto/man/man7/ossl_store.7                            | 2 +-
 secure/lib/libcrypto/man/man7/passphrase-encoding.7                   | 2 +-
 secure/lib/libcrypto/man/man7/proxy-certificates.7                    | 2 +-
 secure/lib/libcrypto/man/man7/scrypt.7                                | 2 +-
 secure/lib/libcrypto/man/man7/ssl.7                                   | 2 +-
 secure/lib/libcrypto/man/man7/x509.7                                  | 2 +-
 secure/usr.bin/openssl/man/CA.pl.1                                    | 2 +-
 secure/usr.bin/openssl/man/asn1parse.1                                | 2 +-
 secure/usr.bin/openssl/man/ca.1                                       | 2 +-
 secure/usr.bin/openssl/man/ciphers.1                                  | 2 +-
 secure/usr.bin/openssl/man/cms.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl.1                                      | 2 +-
 secure/usr.bin/openssl/man/crl2pkcs7.1                                | 2 +-
 secure/usr.bin/openssl/man/dgst.1                                     | 2 +-
 secure/usr.bin/openssl/man/dhparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/dsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/dsaparam.1                                 | 2 +-
 secure/usr.bin/openssl/man/ec.1                                       | 2 +-
 secure/usr.bin/openssl/man/ecparam.1                                  | 2 +-
 secure/usr.bin/openssl/man/enc.1                                      | 2 +-
 secure/usr.bin/openssl/man/engine.1                                   | 2 +-
 secure/usr.bin/openssl/man/errstr.1                                   | 2 +-
 secure/usr.bin/openssl/man/gendsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/genpkey.1                                  | 2 +-
 secure/usr.bin/openssl/man/genrsa.1                                   | 2 +-
 secure/usr.bin/openssl/man/list.1                                     | 2 +-
 secure/usr.bin/openssl/man/nseq.1                                     | 2 +-
 secure/usr.bin/openssl/man/ocsp.1                                     | 2 +-
 secure/usr.bin/openssl/man/openssl.1                                  | 2 +-
 secure/usr.bin/openssl/man/passwd.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs12.1                                   | 2 +-
 secure/usr.bin/openssl/man/pkcs7.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkcs8.1                                    | 2 +-
 secure/usr.bin/openssl/man/pkey.1                                     | 2 +-
 secure/usr.bin/openssl/man/pkeyparam.1                                | 2 +-
 secure/usr.bin/openssl/man/pkeyutl.1                                  | 2 +-
 secure/usr.bin/openssl/man/prime.1                                    | 2 +-
 secure/usr.bin/openssl/man/rand.1                                     | 2 +-
 secure/usr.bin/openssl/man/req.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsa.1                                      | 2 +-
 secure/usr.bin/openssl/man/rsautl.1                                   | 2 +-
 secure/usr.bin/openssl/man/s_client.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_server.1                                 | 2 +-
 secure/usr.bin/openssl/man/s_time.1                                   | 2 +-
 secure/usr.bin/openssl/man/sess_id.1                                  | 2 +-
 secure/usr.bin/openssl/man/smime.1                                    | 2 +-
 secure/usr.bin/openssl/man/speed.1                                    | 2 +-
 secure/usr.bin/openssl/man/spkac.1                                    | 2 +-
 secure/usr.bin/openssl/man/srp.1                                      | 2 +-
 secure/usr.bin/openssl/man/storeutl.1                                 | 2 +-
 secure/usr.bin/openssl/man/ts.1                                       | 2 +-
 secure/usr.bin/openssl/man/tsget.1                                    | 2 +-
 secure/usr.bin/openssl/man/verify.1                                   | 2 +-
 secure/usr.bin/openssl/man/version.1                                  | 2 +-
 secure/usr.bin/openssl/man/x509.1                                     | 2 +-
 535 files changed, 536 insertions(+), 536 deletions(-)

diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc
index 5fcbbe6cf336..71c091733764 100644
--- a/secure/lib/libcrypto/Makefile.inc
+++ b/secure/lib/libcrypto/Makefile.inc
@@ -3,8 +3,8 @@
 .include <bsd.own.mk>
 
 # OpenSSL version used for manual page generation
-OPENSSL_VER=	1.1.1j
-OPENSSL_DATE=	2021-02-16
+OPENSSL_VER=	1.1.1k
+OPENSSL_DATE=	2021-03-25
 
 LCRYPTO_SRC=	${SRCTOP}/crypto/openssl
 LCRYPTO_DOC=	${LCRYPTO_SRC}/doc
diff --git a/secure/lib/libcrypto/man/man3/ADMISSIONS.3 b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
index 2720754cf9e8..ad086fb0e8e9 100644
--- a/secure/lib/libcrypto/man/man3/ADMISSIONS.3
+++ b/secure/lib/libcrypto/man/man3/ADMISSIONS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ADMISSIONS 3"
-.TH ADMISSIONS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ADMISSIONS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3 b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
index 2daf11f19a0d..3c70dcaa8c2d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_INTEGER_GET_INT64 3"
-.TH ASN1_INTEGER_GET_INT64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_INTEGER_GET_INT64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3 b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
index f45f3fdc98ab..04ba1089d333 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_ITEM_LOOKUP 3"
-.TH ASN1_ITEM_LOOKUP 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_ITEM_LOOKUP 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3 b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
index 69678622d9fa..54c7476b7c08 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_OBJECT_NEW 3"
-.TH ASN1_OBJECT_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_OBJECT_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
index 9b9393cc5290..ad1b19c78546 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_TABLE_ADD 3"
-.TH ASN1_STRING_TABLE_ADD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_TABLE_ADD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
index ca15f898e6a8..75de680bb66a 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_LENGTH 3"
-.TH ASN1_STRING_LENGTH 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_LENGTH 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
index e4f6859c186d..76d17e1c6b23 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_NEW 3"
-.TH ASN1_STRING_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3 b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
index fbfcf517275f..d072930ec39d 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_STRING_PRINT_EX 3"
-.TH ASN1_STRING_PRINT_EX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_STRING_PRINT_EX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3 b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
index 00b72c375820..0a3564196833 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TIME_SET 3"
-.TH ASN1_TIME_SET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TIME_SET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3 b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
index 4845c5280b6b..bf12e2b90dd2 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_TYPE_GET 3"
-.TH ASN1_TYPE_GET 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_TYPE_GET 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3 b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
index ce95ffd0fc29..207255106b3c 100644
--- a/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
+++ b/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASN1_GENERATE_NCONF 3"
-.TH ASN1_GENERATE_NCONF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASN1_GENERATE_NCONF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3 b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
index b761db6b5b7a..d1e3abb572db 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_WAIT_CTX_NEW 3"
-.TH ASYNC_WAIT_CTX_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_WAIT_CTX_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3 b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
index 03b06aff8fec..b5bb00413452 100644
--- a/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
+++ b/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ASYNC_START_JOB 3"
-.TH ASYNC_START_JOB 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH ASYNC_START_JOB 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BF_encrypt.3 b/secure/lib/libcrypto/man/man3/BF_encrypt.3
index 8916feee640f..58cdcb4fc89e 100644
--- a/secure/lib/libcrypto/man/man3/BF_encrypt.3
+++ b/secure/lib/libcrypto/man/man3/BF_encrypt.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BF_ENCRYPT 3"
-.TH BF_ENCRYPT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BF_ENCRYPT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDR.3 b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
index 0dbedbf16b9d..fd492eee9531 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDR.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDR.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDR 3"
-.TH BIO_ADDR 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDR 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3 b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
index fb1d199796cb..7d64b051241a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_ADDRINFO 3"
-.TH BIO_ADDRINFO 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_ADDRINFO 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_connect.3 b/secure/lib/libcrypto/man/man3/BIO_connect.3
index 44b80366360d..507289d24595 100644
--- a/secure/lib/libcrypto/man/man3/BIO_connect.3
+++ b/secure/lib/libcrypto/man/man3/BIO_connect.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CONNECT 3"
-.TH BIO_CONNECT 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CONNECT 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_ctrl.3 b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
index 6c7219251e3a..960e50077eac 100644
--- a/secure/lib/libcrypto/man/man3/BIO_ctrl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_ctrl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_CTRL 3"
-.TH BIO_CTRL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_CTRL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_base64.3 b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
index 39b94d930d17..14db0fc366a1 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_base64.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_base64.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BASE64 3"
-.TH BIO_F_BASE64 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BASE64 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3 b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
index 61cfe1eec579..2cd165a9700d 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_BUFFER 3"
-.TH BIO_F_BUFFER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_BUFFER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3 b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
index 33e6f6c95c6e..68b32c47dac7 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_CIPHER 3"
-.TH BIO_F_CIPHER 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_CIPHER 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_md.3 b/secure/lib/libcrypto/man/man3/BIO_f_md.3
index 04c3fdaecc20..2a3dec321113 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_md.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_md.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_MD 3"
-.TH BIO_F_MD 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_MD 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_null.3 b/secure/lib/libcrypto/man/man3/BIO_f_null.3
index 21225c1e17fe..6d868bd0a10b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_null.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_null.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_NULL 3"
-.TH BIO_F_NULL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_NULL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3 b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
index 02b2bcd5e714..0ff1ecc99f79 100644
--- a/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
+++ b/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_F_SSL 3"
-.TH BIO_F_SSL 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_F_SSL 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_find_type.3 b/secure/lib/libcrypto/man/man3/BIO_find_type.3
index 579435574865..e4757943b8be 100644
--- a/secure/lib/libcrypto/man/man3/BIO_find_type.3
+++ b/secure/lib/libcrypto/man/man3/BIO_find_type.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_FIND_TYPE 3"
-.TH BIO_FIND_TYPE 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_FIND_TYPE 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_data.3 b/secure/lib/libcrypto/man/man3/BIO_get_data.3
index df2d8f5667dd..5297cc0f2214 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_data.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_data.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_DATA 3"
-.TH BIO_GET_DATA 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_DATA 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3 b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
index 31914a912318..78d970c7267f 100644
--- a/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
+++ b/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_GET_EX_NEW_INDEX 3"
-.TH BIO_GET_EX_NEW_INDEX 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_GET_EX_NEW_INDEX 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_meth_new.3 b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
index 5f77a8668b58..8953efaf4441 100644
--- a/secure/lib/libcrypto/man/man3/BIO_meth_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_meth_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_METH_NEW 3"
-.TH BIO_METH_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_METH_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new.3 b/secure/lib/libcrypto/man/man3/BIO_new.3
index d37e03bbe65f..4d861bfdfa20 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW 3"
-.TH BIO_NEW 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3 b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
index 4c5f7a282ced..0c662446b29a 100644
--- a/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
+++ b/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_NEW_CMS 3"
-.TH BIO_NEW_CMS 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_NEW_CMS 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3 b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
index 89758f5f6b2c..1ab7d109d1fc 100644
--- a/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
+++ b/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PARSE_HOSTSERV 3"
-.TH BIO_PARSE_HOSTSERV 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PARSE_HOSTSERV 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_printf.3 b/secure/lib/libcrypto/man/man3/BIO_printf.3
index f56b2c28937c..2c3bd3d70180 100644
--- a/secure/lib/libcrypto/man/man3/BIO_printf.3
+++ b/secure/lib/libcrypto/man/man3/BIO_printf.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "BIO_PRINTF 3"
-.TH BIO_PRINTF 3 "2021-02-16" "1.1.1j" "OpenSSL"
+.TH BIO_PRINTF 3 "2021-03-25" "1.1.1k" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/secure/lib/libcrypto/man/man3/BIO_push.3 b/secure/lib/libcrypto/man/man3/BIO_push.3
index 359dfe245ae7..1c5c39143c0b 100644
--- a/secure/lib/libcrypto/man/man3/BIO_push.3
+++ b/secure/lib/libcrypto/man/man3/BIO_push.3
@@ -133,7 +133,7 @@
*** 6521 LINES SKIPPED ***

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 18:38:06 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AD8D45C75FA;
 Thu, 25 Mar 2021 18:38:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5v4G3fC7z4VW6;
 Thu, 25 Mar 2021 18:38:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 70056428D;
 Thu, 25 Mar 2021 18:38:06 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PIc6gk065999;
 Thu, 25 Mar 2021 18:38:06 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PIc6i3065998;
 Thu, 25 Mar 2021 18:38:06 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 18:38:06 GMT
Message-Id: <202103251838.12PIc6i3065998@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 72280d7e5734 - releng/13.0 - rtsold: Fix validation of RDNSS
 options
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 72280d7e5734946e2592cfd8be6895c2b3fdf46b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 18:38:06 -0000

The branch releng/13.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=72280d7e5734946e2592cfd8be6895c2b3fdf46b

commit 72280d7e5734946e2592cfd8be6895c2b3fdf46b
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-21 18:18:10 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-25 18:37:45 +0000

    rtsold: Fix validation of RDNSS options
    
    The header specifies the size of the option in multiples of eight bytes.
    The option consists of an eight-byte header followed by one or more IPv6
    addresses, so the option is invalid if the size is not equal to 1+2n for
    some n>0.  Check this.
    
    The bug can cause random stack data to be formatted as an IPv6 address
    and passed to resolvconf(8), but a host able to trigger the bug may also
    specify arbitrary addresses this way.
    
    Approved by:    re (cperciva)
    Reported by:    Q C <cq674350529@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 1af332a7d8f86b6fcc1f0f575fe5b06021b54f4c)
    (cherry picked from commit e4bdf7ac2a32ba1f2402e06360e476ec804210e7)
---
 usr.sbin/rtsold/rtsol.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/rtsold/rtsol.c b/usr.sbin/rtsold/rtsol.c
index 30027fc65ac9..76756bfd8393 100644
--- a/usr.sbin/rtsold/rtsol.c
+++ b/usr.sbin/rtsold/rtsol.c
@@ -363,13 +363,19 @@ rtsol_input(int sock)
 		case ND_OPT_RDNSS:
 			rdnss = (struct nd_opt_rdnss *)raoptp;
 
-			/* Optlen sanity check (Section 5.3.1 in RFC 6106) */
-			if (rdnss->nd_opt_rdnss_len < 3) {
+			/*
+			 * The option header is 8 bytes long and each address
+			 * occupies 16 bytes, so the option length must be
+			 * greater than or equal to 24 bytes and an odd multiple
+			 * of 8 bytes.  See section 5.1 in RFC 6106.
+			 */
+			if (rdnss->nd_opt_rdnss_len < 3 ||
+			    rdnss->nd_opt_rdnss_len % 2 == 0) {
 				warnmsg(LOG_INFO, __func__,
-		    			"too short RDNSS option"
-					"in RA from %s was ignored.",
-					inet_ntop(AF_INET6, &from.sin6_addr,
-					    ntopbuf, sizeof(ntopbuf)));
+				    "too short RDNSS option in RA from %s "
+				    "was ignored.",
+				inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
+				    sizeof(ntopbuf)));
 				break;
 			}
 

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 20:26:28 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id A703957A93F;
 Thu, 25 Mar 2021 20:26:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5xTJ4KXdz4cQs;
 Thu, 25 Mar 2021 20:26:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8764D59B0;
 Thu, 25 Mar 2021 20:26:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PKQSBW020401;
 Thu, 25 Mar 2021 20:26:28 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PKQSvh020400;
 Thu, 25 Mar 2021 20:26:28 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 20:26:28 GMT
Message-Id: <202103252026.12PKQSvh020400@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 42f997d9b721 - stable/13 - Fix kassert panic when inserting
 multipath routes from multiple threads.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 42f997d9b721ce5b64c37958f21fa81630f5a224
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 20:26:28 -0000

The branch stable/13 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=42f997d9b721ce5b64c37958f21fa81630f5a224

commit 42f997d9b721ce5b64c37958f21fa81630f5a224
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-21 18:15:29 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-25 20:07:42 +0000

    Fix kassert panic when inserting multipath routes from multiple threads.
    
    Reported by:    Marco Zec <zec at fer.hr>
    
    (cherry picked from commit 2476178e6b09acc8d0fe6b1fb9c1b6f2981f766e)
---
 sys/net/route/nhgrp_ctl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/net/route/nhgrp_ctl.c b/sys/net/route/nhgrp_ctl.c
index c2119506370f..b329b907144f 100644
--- a/sys/net/route/nhgrp_ctl.c
+++ b/sys/net/route/nhgrp_ctl.c
@@ -488,7 +488,9 @@ get_nhgrp(struct nh_control *ctl, struct weightened_nhop *wn, int num_nhops,
 		if (link_nhgrp(ctl, key) == 0) {
 			/* Unable to allocate index? */
 			*perror = EAGAIN;
-			destroy_nhgrp(key);
+			free_nhgrp_nhops(key);
+			destroy_nhgrp_int(key);
+			return (NULL);
 		}
 		*perror = 0;
 		return (key);

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 20:26:29 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BDAF457A675;
 Thu, 25 Mar 2021 20:26:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5xTK53Jqz4cWF;
 Thu, 25 Mar 2021 20:26:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A05065B35;
 Thu, 25 Mar 2021 20:26:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PKQTR3020419;
 Thu, 25 Mar 2021 20:26:29 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PKQTID020418;
 Thu, 25 Mar 2021 20:26:29 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 20:26:29 GMT
Message-Id: <202103252026.12PKQTID020418@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: af85312e8a6f - stable/13 - Fix panic when destroying interface
 with ECMP routes.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: af85312e8a6f34ea7c8af77b9841fab6b5559e25
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 20:26:29 -0000

The branch stable/13 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=af85312e8a6f34ea7c8af77b9841fab6b5559e25

commit af85312e8a6f34ea7c8af77b9841fab6b5559e25
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-23 22:00:04 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-25 20:22:21 +0000

    Fix panic when destroying interface with ECMP routes.
    
    Reported by:    Zhenlei Huang <zlei.huang at gmail.com>
    PR:             254496
    
    (cherry picked from commit a0308e48ec12ae37f525aa3c6d3c1a236fb55dcd)
---
 sys/net/route/route_ctl.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/sys/net/route/route_ctl.c b/sys/net/route/route_ctl.c
index 46e0bcfee6b7..58b89c28f945 100644
--- a/sys/net/route/route_ctl.c
+++ b/sys/net/route/route_ctl.c
@@ -130,16 +130,25 @@ vnet_rtzone_destroy()
 static void
 destroy_rtentry(struct rtentry *rt)
 {
+	struct nhop_object *nh = rt->rt_nhop;
 
 	/*
 	 * At this moment rnh, nh_control may be already freed.
 	 * nhop interface may have been migrated to a different vnet.
 	 * Use vnet stored in the nexthop to delete the entry.
 	 */
-	CURVNET_SET(nhop_get_vnet(rt->rt_nhop));
+#ifdef ROUTE_MPATH
+	if (NH_IS_NHGRP(nh)) {
+		struct weightened_nhop *wn;
+		uint32_t num_nhops;
+		wn = nhgrp_get_nhops((struct nhgrp_object *)nh, &num_nhops);
+		nh = wn[0].nh;
+	}
+#endif
+	CURVNET_SET(nhop_get_vnet(nh));
 
 	/* Unreference nexthop */
-	nhop_free_any(rt->rt_nhop);
+	nhop_free_any(nh);
 
 	uma_zfree(V_rtzone, rt);
 

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 20:26:32 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id F204457A6E6;
 Thu, 25 Mar 2021 20:26:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5xTM4s6Qz4cTx;
 Thu, 25 Mar 2021 20:26:31 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D11A95928;
 Thu, 25 Mar 2021 20:26:30 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PKQUlS020442;
 Thu, 25 Mar 2021 20:26:30 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PKQUJb020441;
 Thu, 25 Mar 2021 20:26:30 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 20:26:30 GMT
Message-Id: <202103252026.12PKQUJb020441@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 47c00a983592 - stable/13 - Plug nexthop group refcount leak. In
 case with batch route delete via rib_walk_del(),
 when  some paths from the multipath route gets deleted,
 old  multipath group were not freed.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 47c00a9835926e96e562c67fa28e4432e99d9c56
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 20:26:32 -0000

The branch stable/13 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=47c00a9835926e96e562c67fa28e4432e99d9c56

commit 47c00a9835926e96e562c67fa28e4432e99d9c56
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-24 23:51:45 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-25 20:22:58 +0000

    Plug nexthop group refcount leak.
    In case with batch route delete via rib_walk_del(), when
     some paths from the multipath route gets deleted, old
     multipath group were not freed.
    
    PR:    254496
    Reported by:   Zhenlei Huang <zlei.huang@gmail.com>
    
    (cherry picked from commit 66f138563becf12d5c21924f816d2a45c3a1ed7a)
---
 sys/net/route/route_ctl.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/sys/net/route/route_ctl.c b/sys/net/route/route_ctl.c
index 58b89c28f945..af3853041ac6 100644
--- a/sys/net/route/route_ctl.c
+++ b/sys/net/route/route_ctl.c
@@ -130,6 +130,7 @@ vnet_rtzone_destroy()
 static void
 destroy_rtentry(struct rtentry *rt)
 {
+#ifdef VIMAGE
 	struct nhop_object *nh = rt->rt_nhop;
 
 	/*
@@ -146,9 +147,10 @@ destroy_rtentry(struct rtentry *rt)
 	}
 #endif
 	CURVNET_SET(nhop_get_vnet(nh));
+#endif
 
 	/* Unreference nexthop */
-	nhop_free_any(nh);
+	nhop_free_any(rt->rt_nhop);
 
 	uma_zfree(V_rtzone, rt);
 
@@ -1252,7 +1254,6 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	struct rt_delinfo *di;
 	struct rt_addrinfo *info;
 	struct rtentry *rt;
-	int error;
 
 	di = (struct rt_delinfo *)arg;
 	rt = (struct rtentry *)rn;
@@ -1261,7 +1262,8 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	info->rti_info[RTAX_DST] = rt_key(rt);
 	info->rti_info[RTAX_NETMASK] = rt_mask(rt);
 
-	error = rt_unlinkrte(di->rnh, info, &di->rc);
+	if (rt_unlinkrte(di->rnh, info, &di->rc) != 0)
+		return (0);
 
 	/*
 	 * Add deleted rtentries to the list to GC them
@@ -1270,10 +1272,18 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	 * XXX: Delayed notifications not implemented
 	 *  for nexthop updates.
 	 */
-	if ((error == 0) && (di->rc.rc_cmd == RTM_DELETE)) {
+	if (di->rc.rc_cmd == RTM_DELETE) {
 		/* Add to the list and return */
 		rt->rt_chain = di->head;
 		di->head = rt;
+#ifdef ROUTE_MPATH
+	} else {
+		/*
+		 * RTM_CHANGE to a diferent nexthop or nexthop group.
+		 * Free old multipath group.
+		 */
+		nhop_free_any(di->rc.rc_nh_old);
+#endif
 	}
 
 	return (0);

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 20:46:16 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4AF1057B1A1;
 Thu, 25 Mar 2021 20:46:16 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5xw81hv4z4dfx;
 Thu, 25 Mar 2021 20:46:16 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Received: from John-Baldwins-MacBook-Pro.local (ralph.baldwin.cx
 [66.234.199.215])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate) (Authenticated sender: jhb)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 92FD5F1D8;
 Thu, 25 Mar 2021 20:46:15 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
To: Jung-uk Kim <jkim@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
From: John Baldwin <jhb@FreeBSD.org>
Message-ID: <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
Date: Thu, 25 Mar 2021 13:46:11 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0)
 Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 20:46:16 -0000

On 3/25/21 10:13 AM, Jung-uk Kim wrote:
> The branch stable/12 has been updated by jkim:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=18d07050e60ecc738556f0de56e34817303371a4
> 
> commit 18d07050e60ecc738556f0de56e34817303371a4
> Author:     Jung-uk Kim <jkim@FreeBSD.org>
> AuthorDate: 2021-03-25 15:45:19 +0000
> Commit:     Jung-uk Kim <jkim@FreeBSD.org>
> CommitDate: 2021-03-25 17:04:27 +0000
> 
>      OpenSSL: Merge OpenSSL 1.1.1k
>      
>      Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380'
>      
>      (cherry picked from commit b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)

FYI, this merge includes fixes to support /dev/crypto on 12.x (it already
worked on 13.0 due to changes in how /dev/crypto worked).  The /dev/crypto
support in OpenSSL is fairly minimal at the moment however and only
tries to offload AES-CBC operations.

-- 
John Baldwin

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 21:04:04 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 54DD757BB67;
 Thu, 25 Mar 2021 21:04:04 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F5yJh1SFRz4gGl;
 Thu, 25 Mar 2021 21:04:04 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from freefall.freebsd.org (pool-100-8-53-238.nwrknj.fios.verizon.net
 [100.8.53.238])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 (Authenticated sender: jkim/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 15E2520045;
 Thu, 25 Mar 2021 21:04:04 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
To: John Baldwin <jhb@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
 <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
From: Jung-uk Kim <jkim@FreeBSD.org>
Organization: FreeBSD.org
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
Message-ID: <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
Date: Thu, 25 Mar 2021 17:03:58 -0400
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101
 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="h16uMiEAk9aR42UqhAflIYrjZKsQiASX7"
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 21:04:04 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--h16uMiEAk9aR42UqhAflIYrjZKsQiASX7
Content-Type: multipart/mixed; boundary="zAW1ni2nMcg39PpLnK6oBOg94uAQYGHr4";
 protected-headers="v1"
From: Jung-uk Kim <jkim@FreeBSD.org>
To: John Baldwin <jhb@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Message-ID: <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
 <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
In-Reply-To: <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>

--zAW1ni2nMcg39PpLnK6oBOg94uAQYGHr4
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 21. 3. 25., John Baldwin wrote:
> On 3/25/21 10:13 AM, Jung-uk Kim wrote:
>> The branch stable/12 has been updated by jkim:
>>
>> URL:
>> https://cgit.FreeBSD.org/src/commit/?id=3D18d07050e60ecc738556f0de56e3=
4817303371a4
>>
>>
>> commit 18d07050e60ecc738556f0de56e34817303371a4
>> Author:=C2=A0=C2=A0=C2=A0=C2=A0 Jung-uk Kim <jkim@FreeBSD.org>
>> AuthorDate: 2021-03-25 15:45:19 +0000
>> Commit:=C2=A0=C2=A0=C2=A0=C2=A0 Jung-uk Kim <jkim@FreeBSD.org>
>> CommitDate: 2021-03-25 17:04:27 +0000
>>
>> =C2=A0=C2=A0=C2=A0=C2=A0 OpenSSL: Merge OpenSSL 1.1.1k
>> =C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0 Merge commit '94fa08=
a4bcdfbb3434b025d67d014af3b18e5380'
>> =C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0 (cherry picked from =
commit
>> b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
>=20
> FYI, this merge includes fixes to support /dev/crypto on 12.x (it alrea=
dy
> worked on 13.0 due to changes in how /dev/crypto worked).=C2=A0 The /de=
v/crypto
> support in OpenSSL is fairly minimal at the moment however and only
> tries to offload AES-CBC operations.

Note, however, the code is NOT built by default on stable/12.  If you
want to build it, you need r342009 (f622545b79c4).

https://cgit.freebsd.org/src/commit?id=3Df622545b79c4

Jung-uk Kim


--zAW1ni2nMcg39PpLnK6oBOg94uAQYGHr4--

--h16uMiEAk9aR42UqhAflIYrjZKsQiASX7
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAmBc+r4FAwAAAAAACgkQfJ+WJvzb8UZ0
YQgAmpUSF9G9IMpFBs22ERvumxFyEtKQ/rv81X1aiG4jDFvYrslQOFp3fFuDSkM3TByuJrJAmUY2
ULHmMdpegw7F3AYpEtVulC6iO3W7wXV6HX+EbqSB7SGkwQnpne4d9QbkXsV1Y3+uw4m5f7rbsjxM
HkCQqj+al6ikS1sUmg4fTIPcmz3S2CL/qdNwcIfoOdnNgB2oxg94xKZ0hJVGnk+HM1f9iu6NylY6
p7Uqj8m4RuU6bsj1K4Iu4WZI5I9z2dG5nTWGUSvjY/Ravxk26JmANdKnc6apqnWf6y3WeEpHca/6
CLUa00QVA6phqEjCRkKiWZfytQNbvQR3N4VTyb9UOA==
=KIv7
-----END PGP SIGNATURE-----

--h16uMiEAk9aR42UqhAflIYrjZKsQiASX7--

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 23:44:34 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7C54B5A809D;
 Thu, 25 Mar 2021 23:44:34 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F61st343Jz4rJw;
 Thu, 25 Mar 2021 23:44:34 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5773F7C62;
 Thu, 25 Mar 2021 23:44:34 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PNiYM6001298;
 Thu, 25 Mar 2021 23:44:34 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PNiYGG001297;
 Thu, 25 Mar 2021 23:44:34 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 23:44:34 GMT
Message-Id: <202103252344.12PNiYGG001297@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: c9b4e5e9ae39 - releng/13.0 - Add UPDATING entry for OpenSSL
 advisory and bump version number.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: c9b4e5e9ae398f3bb8ba85507d9710d8a73a1a04
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 23:44:34 -0000

The branch releng/13.0 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=c9b4e5e9ae398f3bb8ba85507d9710d8a73a1a04

commit c9b4e5e9ae398f3bb8ba85507d9710d8a73a1a04
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2021-03-25 23:38:52 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2021-03-25 23:38:52 +0000

    Add UPDATING entry for OpenSSL advisory and bump version number.
    
    Approved by:    re (implicit)
    Approved by:    so
---
 UPDATING            | 6 +++++-
 sys/conf/newvers.sh | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/UPDATING b/UPDATING
index 880be2ef12e0..019b45d7c6e0 100644
--- a/UPDATING
+++ b/UPDATING
@@ -11,7 +11,11 @@ handbook:
 Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running portupgrade.
 
-20210223:	p1	FreeBSD-SA-21:03.pam_login_access
+20210325: 13.0-RC3-p1	FreeBSD-SA-21:07.openssl
+
+	Fix multiple OpenSSL issues [SA-21:07.openssl]
+
+20210223: 13.0-BETA3-p1	FreeBSD-SA-21:03.pam_login_access
 			FreeBSD-SA-21:06.xen
 
 	login.access fails to apply rules [SA-21:03.pam_login_access]
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 6e57164483fe..50fcab5609a2 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -54,7 +54,7 @@
 
 TYPE="FreeBSD"
 REVISION="13.0"
-BRANCH="RC3"
+BRANCH="RC3-p1"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From owner-dev-commits-src-branches@freebsd.org  Thu Mar 25 23:44:53 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 980A85A8306;
 Thu, 25 Mar 2021 23:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F61tF3tKSz4rQV;
 Thu, 25 Mar 2021 23:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 77F71105A9;
 Thu, 25 Mar 2021 23:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12PNirAa001450;
 Thu, 25 Mar 2021 23:44:53 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12PNir4s001449;
 Thu, 25 Mar 2021 23:44:53 GMT (envelope-from git)
Date: Thu, 25 Mar 2021 23:44:53 GMT
Message-Id: <202103252344.12PNir4s001449@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: af61348d61f5 - releng/12.2 - Fix multiple OpenSSL
 vulnerabilities. Add UPDATING and bump version.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/12.2
X-Git-Reftype: branch
X-Git-Commit: af61348d61f51a88b438d41c3c91b56b2b65ed9b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 23:44:53 -0000

The branch releng/12.2 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=af61348d61f51a88b438d41c3c91b56b2b65ed9b

commit af61348d61f51a88b438d41c3c91b56b2b65ed9b
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2021-03-25 23:42:19 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2021-03-25 23:42:19 +0000

    Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version.
    
    Approved by:    so
    Security:       FreeBSD-SA-21:07.openssl
    Security:       CVE-2021-3449
    Security:       CVE-2021-3450
---
 UPDATING                                    |  4 ++++
 crypto/openssl/crypto/x509/x509_vfy.c       | 12 ++++++++----
 crypto/openssl/ssl/s3_lib.c                 |  5 ++++-
 crypto/openssl/ssl/ssl_lib.c                | 14 +++++++++++---
 crypto/openssl/ssl/statem/extensions.c      |  2 ++
 crypto/openssl/ssl/statem/extensions_clnt.c | 14 ++++++++++++--
 crypto/openssl/ssl/statem/statem_clnt.c     |  7 ++++++-
 crypto/openssl/ssl/statem/statem_srvr.c     | 17 ++++++++++++++---
 sys/conf/newvers.sh                         |  2 +-
 9 files changed, 62 insertions(+), 15 deletions(-)

diff --git a/UPDATING b/UPDATING
index b33065306a1e..dcb82fbcf4a6 100644
--- a/UPDATING
+++ b/UPDATING
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20210325:	p5	FreeBSD-SA-21:07.openssl
+
+	Fix multiple OpenSSL issues [SA-21:07.openssl]
+
 20210223:	p4	FreeBSD-SA-21:03.pam_login_access
 			FreeBSD-SA-21:04.jail_remove
 			FreeBSD-SA-21:05.jail_chdir
diff --git a/crypto/openssl/crypto/x509/x509_vfy.c b/crypto/openssl/crypto/x509/x509_vfy.c
index 801055f5a087..4d1f37a8212e 100644
--- a/crypto/openssl/crypto/x509/x509_vfy.c
+++ b/crypto/openssl/crypto/x509/x509_vfy.c
@@ -526,15 +526,19 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
                 ret = 1;
             break;
         }
-        if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
+        if (ret > 0
+            && (ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
             /* Check for presence of explicit elliptic curve parameters */
             ret = check_curve(x);
-            if (ret < 0)
+            if (ret < 0) {
                 ctx->error = X509_V_ERR_UNSPECIFIED;
-            else if (ret == 0)
+                ret = 0;
+            } else if (ret == 0) {
                 ctx->error = X509_V_ERR_EC_KEY_EXPLICIT_PARAMS;
+            }
         }
-        if ((x->ex_flags & EXFLAG_CA) == 0
+        if (ret > 0
+            && (x->ex_flags & EXFLAG_CA) == 0
             && x->ex_pathlen != -1
             && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
             ctx->error = X509_V_ERR_INVALID_EXTENSION;
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index a987604bcd0e..d97b4310c607 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -4638,6 +4638,7 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
 
         OPENSSL_clear_free(s->s3->tmp.psk, psklen);
         s->s3->tmp.psk = NULL;
+        s->s3->tmp.psklen = 0;
         if (!s->method->ssl3_enc->generate_master_secret(s,
                     s->session->master_key, pskpms, pskpmslen,
                     &s->session->master_key_length)) {
@@ -4667,8 +4668,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
         else
             OPENSSL_cleanse(pms, pmslen);
     }
-    if (s->server == 0)
+    if (s->server == 0) {
         s->s3->tmp.pms = NULL;
+        s->s3->tmp.pmslen = 0;
+    }
     return ret;
 }
 
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index b1df374817c7..05f8d4dda6ce 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -779,8 +779,10 @@ SSL *SSL_new(SSL_CTX *ctx)
         s->ext.ecpointformats =
             OPENSSL_memdup(ctx->ext.ecpointformats,
                            ctx->ext.ecpointformats_len);
-        if (!s->ext.ecpointformats)
+        if (!s->ext.ecpointformats) {
+            s->ext.ecpointformats_len = 0;
             goto err;
+        }
         s->ext.ecpointformats_len =
             ctx->ext.ecpointformats_len;
     }
@@ -789,8 +791,10 @@ SSL *SSL_new(SSL_CTX *ctx)
             OPENSSL_memdup(ctx->ext.supportedgroups,
                            ctx->ext.supportedgroups_len
                                 * sizeof(*ctx->ext.supportedgroups));
-        if (!s->ext.supportedgroups)
+        if (!s->ext.supportedgroups) {
+            s->ext.supportedgroups_len = 0;
             goto err;
+        }
         s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
     }
 #endif
@@ -800,8 +804,10 @@ SSL *SSL_new(SSL_CTX *ctx)
 
     if (s->ctx->ext.alpn) {
         s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
-        if (s->ext.alpn == NULL)
+        if (s->ext.alpn == NULL) {
+            s->ext.alpn_len = 0;
             goto err;
+        }
         memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
         s->ext.alpn_len = s->ctx->ext.alpn_len;
     }
@@ -2834,6 +2840,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
     OPENSSL_free(ctx->ext.alpn);
     ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ctx->ext.alpn == NULL) {
+        ctx->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
@@ -2853,6 +2860,7 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
     OPENSSL_free(ssl->ext.alpn);
     ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
     if (ssl->ext.alpn == NULL) {
+        ssl->ext.alpn_len = 0;
         SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
         return 1;
     }
diff --git a/crypto/openssl/ssl/statem/extensions.c b/crypto/openssl/ssl/statem/extensions.c
index c785ab785d38..3f3062fe86c0 100644
--- a/crypto/openssl/ssl/statem/extensions.c
+++ b/crypto/openssl/ssl/statem/extensions.c
@@ -1136,6 +1136,7 @@ static int init_sig_algs(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
+    s->s3->tmp.peer_sigalgslen = 0;
 
     return 1;
 }
@@ -1145,6 +1146,7 @@ static int init_sig_algs_cert(SSL *s, unsigned int context)
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
     s->s3->tmp.peer_cert_sigalgs = NULL;
+    s->s3->tmp.peer_cert_sigalgslen = 0;
 
     return 1;
 }
diff --git a/crypto/openssl/ssl/statem/extensions_clnt.c b/crypto/openssl/ssl/statem/extensions_clnt.c
index bcce0f1d9534..00a902ac79e9 100644
--- a/crypto/openssl/ssl/statem/extensions_clnt.c
+++ b/crypto/openssl/ssl/statem/extensions_clnt.c
@@ -816,6 +816,7 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
         OPENSSL_free(s->psksession_id);
         s->psksession_id = OPENSSL_memdup(id, idlen);
         if (s->psksession_id == NULL) {
+            s->psksession_id_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
@@ -1375,6 +1376,7 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
         OPENSSL_free(s->ext.peer_ecpointformats);
         s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
         if (s->ext.peer_ecpointformats == NULL) {
+            s->ext.peer_ecpointformats_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -1492,8 +1494,13 @@ int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->ext.scts_len = (uint16_t)size;
         if (size > 0) {
             s->ext.scts = OPENSSL_malloc(size);
-            if (s->ext.scts == NULL
-                    || !PACKET_copy_bytes(pkt, s->ext.scts, size)) {
+            if (s->ext.scts == NULL) {
+                s->ext.scts_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
+                         ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_SCT,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -1592,6 +1599,7 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->ext.npn);
     s->ext.npn = OPENSSL_malloc(selected_len);
     if (s->ext.npn == NULL) {
+        s->ext.npn_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_NPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1632,6 +1640,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     OPENSSL_free(s->s3->alpn_selected);
     s->s3->alpn_selected = OPENSSL_malloc(len);
     if (s->s3->alpn_selected == NULL) {
+        s->s3->alpn_selected_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                  ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1663,6 +1672,7 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->session->ext.alpn_selected =
             OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
         if (s->session->ext.alpn_selected == NULL) {
+            s->session->ext.alpn_selected_len = 0;
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
                      ERR_R_INTERNAL_ERROR);
             return 0;
diff --git a/crypto/openssl/ssl/statem/statem_clnt.c b/crypto/openssl/ssl/statem/statem_clnt.c
index 64e392cfbfc7..0a61aa82b187 100644
--- a/crypto/openssl/ssl/statem/statem_clnt.c
+++ b/crypto/openssl/ssl/statem/statem_clnt.c
@@ -2461,6 +2461,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
         s->s3->tmp.ctype_len = 0;
         OPENSSL_free(s->pha_context);
         s->pha_context = NULL;
+        s->pha_context_len = 0;
 
         if (!PACKET_get_length_prefixed_1(pkt, &reqctx) ||
             !PACKET_memdup(&reqctx, &s->pha_context, &s->pha_context_len)) {
@@ -2770,16 +2771,17 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt)
     }
     s->ext.ocsp.resp = OPENSSL_malloc(resplen);
     if (s->ext.ocsp.resp == NULL) {
+        s->ext.ocsp.resp_len = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  ERR_R_MALLOC_FAILURE);
         return 0;
     }
+    s->ext.ocsp.resp_len = resplen;
     if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_STATUS_BODY,
                  SSL_R_LENGTH_MISMATCH);
         return 0;
     }
-    s->ext.ocsp.resp_len = resplen;
 
     return 1;
 }
@@ -3349,9 +3351,11 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
  err:
     OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return 0;
 }
@@ -3426,6 +3430,7 @@ int tls_client_key_exchange_post_work(SSL *s)
  err:
     OPENSSL_clear_free(pms, pmslen);
     s->s3->tmp.pms = NULL;
+    s->s3->tmp.pmslen = 0;
     return 0;
 }
 
diff --git a/crypto/openssl/ssl/statem/statem_srvr.c b/crypto/openssl/ssl/statem/statem_srvr.c
index 14cb27e6db01..fb26c0ba8148 100644
--- a/crypto/openssl/ssl/statem/statem_srvr.c
+++ b/crypto/openssl/ssl/statem/statem_srvr.c
@@ -2178,6 +2178,7 @@ int tls_handle_alpn(SSL *s)
             OPENSSL_free(s->s3->alpn_selected);
             s->s3->alpn_selected = OPENSSL_memdup(selected, selected_len);
             if (s->s3->alpn_selected == NULL) {
+                s->s3->alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_HANDLE_ALPN,
                          ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -2853,9 +2854,16 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
         if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
             OPENSSL_free(s->pha_context);
             s->pha_context_len = 32;
-            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
-                    || RAND_bytes(s->pha_context, s->pha_context_len) <= 0
-                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+            if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL) {
+                s->pha_context_len = 0;
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                         SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+                         ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            if (RAND_bytes(s->pha_context, s->pha_context_len) <= 0
+                    || !WPACKET_sub_memcpy_u8(pkt, s->pha_context,
+                                              s->pha_context_len)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
                          ERR_R_INTERNAL_ERROR);
@@ -2969,6 +2977,7 @@ static int tls_process_cke_psk_preamble(SSL *s, PACKET *pkt)
     OPENSSL_cleanse(psk, psklen);
 
     if (s->s3->tmp.psk == NULL) {
+        s->s3->tmp.psklen = 0;
         SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -3508,6 +3517,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #ifndef OPENSSL_NO_PSK
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
+    s->s3->tmp.psklen = 0;
 #endif
     return MSG_PROCESS_ERROR;
 }
@@ -4117,6 +4127,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             s->session->ext.alpn_selected =
                 OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
             if (s->session->ext.alpn_selected == NULL) {
+                s->session->ext.alpn_selected_len = 0;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
                          ERR_R_MALLOC_FAILURE);
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index dfcb11bb7d5d..68ee29d30168 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -49,7 +49,7 @@
 
 TYPE="FreeBSD"
 REVISION="12.2"
-BRANCH="RELEASE-p4"
+BRANCH="RELEASE-p5"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From owner-dev-commits-src-branches@freebsd.org  Fri Mar 26 13:52:51 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 38ABC5BFBB9;
 Fri, 26 Mar 2021 13:52:51 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6Nhg18N4z4j7m;
 Fri, 26 Mar 2021 13:52:51 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1A3A21B50D;
 Fri, 26 Mar 2021 13:52:51 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12QDqpOE093914;
 Fri, 26 Mar 2021 13:52:51 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12QDqoag093913;
 Fri, 26 Mar 2021 13:52:50 GMT (envelope-from git)
Date: Fri, 26 Mar 2021 13:52:50 GMT
Message-Id: <202103261352.12QDqoag093913@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ka Ho Ng <khng@FreeBSD.org>
Subject: git: c4a34bb3f823 - stable/13 - bhyve amd: Small cleanups in
 amdvi_dump_cmds
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: khng
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c4a34bb3f82346df0f96ce128bd2e7306ba9bfec
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 13:52:51 -0000

The branch stable/13 has been updated by khng:

URL: https://cgit.FreeBSD.org/src/commit/?id=c4a34bb3f82346df0f96ce128bd2e7306ba9bfec

commit c4a34bb3f82346df0f96ce128bd2e7306ba9bfec
Author:     Ka Ho Ng <khng@FreeBSD.org>
AuthorDate: 2021-03-23 08:11:56 +0000
Commit:     Ka Ho Ng <khng@FreeBSD.org>
CommitDate: 2021-03-26 13:50:36 +0000

    bhyve amd: Small cleanups in amdvi_dump_cmds
    
    Bump offset with MOD_INC instead in amdvi_dump_cmds.
    
    Reviewed by:    jhb
    Approved by:    philip (mentor)
    Differential Revision:  https://reviews.freebsd.org/D28862
    
    (cherry picked from commit be97fc8dced052f824387a1ae6a0063f9dcfdc89)
---
 sys/amd64/vmm/amd/amdvi_hw.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/sys/amd64/vmm/amd/amdvi_hw.c b/sys/amd64/vmm/amd/amdvi_hw.c
index 62aba04de050..132ae8389f2a 100644
--- a/sys/amd64/vmm/amd/amdvi_hw.c
+++ b/sys/amd64/vmm/amd/amdvi_hw.c
@@ -514,8 +514,7 @@ amdvi_dump_cmds(struct amdvi_softc *softc, int count)
 		printf("  [CMD%d, off:0x%x] opcode= 0x%x 0x%x"
 		    " 0x%x 0x%lx\n", i, off, cmd->opcode,
 		    cmd->word0, cmd->word1, cmd->addr);
-		off = (off + sizeof(struct amdvi_cmd)) %
-		    (softc->cmd_max * sizeof(struct amdvi_cmd));
+		off = MOD_INC(off, sizeof(struct amdvi_cmd), softc->cmd_max);
 	}
 }
 

From owner-dev-commits-src-branches@freebsd.org  Fri Mar 26 13:52:52 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 559185780D6;
 Fri, 26 Mar 2021 13:52:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6Nhh1xR4z4hrQ;
 Fri, 26 Mar 2021 13:52:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 34B731B371;
 Fri, 26 Mar 2021 13:52:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12QDqqKK093937;
 Fri, 26 Mar 2021 13:52:52 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12QDqqZQ093936;
 Fri, 26 Mar 2021 13:52:52 GMT (envelope-from git)
Date: Fri, 26 Mar 2021 13:52:52 GMT
Message-Id: <202103261352.12QDqqZQ093936@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Ka Ho Ng <khng@FreeBSD.org>
Subject: git: 7590d7800c44 - stable/13 - bhyve: support relocating fbuf and
 passthru data BARs
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: khng
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7590d7800c44ebe2f5410874d393eaf218f543ff
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 13:52:52 -0000

The branch stable/13 has been updated by khng:

URL: https://cgit.FreeBSD.org/src/commit/?id=7590d7800c44ebe2f5410874d393eaf218f543ff

commit 7590d7800c44ebe2f5410874d393eaf218f543ff
Author:     D Scott Phillips <scottph@FreeBSD.org>
AuthorDate: 2021-03-18 16:08:52 +0000
Commit:     Ka Ho Ng <khng@FreeBSD.org>
CommitDate: 2021-03-26 13:50:41 +0000

    bhyve: support relocating fbuf and passthru data BARs
    
    We want to allow the UEFI firmware to enumerate and assign
    addresses to PCI devices so we can boot from NVMe[1]. Address
    assignment of PCI BARs is properly handled by the PCI emulation
    code in general, but a few specific cases need additional support.
    fbuf and passthru map additional objects into the guest physical
    address space and so need to handle address updates. Here we add a
    callback to emulated PCI devices to inform them of a BAR
    configuration change. fbuf and passthru then watch for these BAR
    changes and relocate the frame buffer memory segment and passthru
    device mmio area respectively.
    
    We also add new VM_MUNMAP_MEMSEG and VM_UNMAP_PPTDEV_MMIO ioctls
    to vmm(4) to facilitate the unmapping needed for addres updates.
    
    [1]: https://github.com/freebsd/uefi-edk2/pull/9/
    
    Originally by:  scottph
    Sponsored by:   Intel Corporation
    Reviewed by:    grehan
    Approved by:    philip (mentor)
    Differential Revision:  https://reviews.freebsd.org/D24066
    
    (cherry picked from commit f8a6ec2d572758da6cfd29fcb4ecf4430463661d)
---
 lib/libvmmapi/vmmapi.c        |  33 +++++++++++-
 lib/libvmmapi/vmmapi.h        |   4 ++
 sys/amd64/include/vmm.h       |   1 +
 sys/amd64/include/vmm_dev.h   |  11 ++++
 sys/amd64/vmm/io/ppt.c        |  30 ++++++++++-
 sys/amd64/vmm/io/ppt.h        |   2 +
 sys/amd64/vmm/vmm.c           |  18 +++++++
 sys/amd64/vmm/vmm_dev.c       |  12 +++++
 usr.sbin/bhyve/pci_emul.c     |   8 +++
 usr.sbin/bhyve/pci_emul.h     |   3 ++
 usr.sbin/bhyve/pci_fbuf.c     |  25 +++++++++
 usr.sbin/bhyve/pci_passthru.c | 123 ++++++++++++++++++++++++++++++------------
 12 files changed, 232 insertions(+), 38 deletions(-)

diff --git a/lib/libvmmapi/vmmapi.c b/lib/libvmmapi/vmmapi.c
index b36ad1c84423..39732f448023 100644
--- a/lib/libvmmapi/vmmapi.c
+++ b/lib/libvmmapi/vmmapi.c
@@ -251,6 +251,19 @@ vm_get_guestmem_from_ctx(struct vmctx *ctx, char **guest_baseaddr,
 	return (0);
 }
 
+int
+vm_munmap_memseg(struct vmctx *ctx, vm_paddr_t gpa, size_t len)
+{
+	struct vm_munmap munmap;
+	int error;
+
+	munmap.gpa = gpa;
+	munmap.len = len;
+
+	error = ioctl(ctx->fd, VM_MUNMAP_MEMSEG, &munmap);
+	return (error);
+}
+
 int
 vm_mmap_getnext(struct vmctx *ctx, vm_paddr_t *gpa, int *segid,
     vm_ooffset_t *segoff, size_t *len, int *prot, int *flags)
@@ -980,6 +993,22 @@ vm_map_pptdev_mmio(struct vmctx *ctx, int bus, int slot, int func,
 	return (ioctl(ctx->fd, VM_MAP_PPTDEV_MMIO, &pptmmio));
 }
 
+int
+vm_unmap_pptdev_mmio(struct vmctx *ctx, int bus, int slot, int func,
+		     vm_paddr_t gpa, size_t len)
+{
+	struct vm_pptdev_mmio pptmmio;
+
+	bzero(&pptmmio, sizeof(pptmmio));
+	pptmmio.bus = bus;
+	pptmmio.slot = slot;
+	pptmmio.func = func;
+	pptmmio.gpa = gpa;
+	pptmmio.len = len;
+
+	return (ioctl(ctx->fd, VM_UNMAP_PPTDEV_MMIO, &pptmmio));
+}
+
 int
 vm_setup_pptdev_msi(struct vmctx *ctx, int vcpu, int bus, int slot, int func,
     uint64_t addr, uint64_t msg, int numvec)
@@ -1644,7 +1673,7 @@ vm_get_ioctls(size_t *len)
 	/* keep in sync with machine/vmm_dev.h */
 	static const cap_ioctl_t vm_ioctl_cmds[] = { VM_RUN, VM_SUSPEND, VM_REINIT,
 	    VM_ALLOC_MEMSEG, VM_GET_MEMSEG, VM_MMAP_MEMSEG, VM_MMAP_MEMSEG,
-	    VM_MMAP_GETNEXT, VM_SET_REGISTER, VM_GET_REGISTER,
+	    VM_MMAP_GETNEXT, VM_MUNMAP_MEMSEG, VM_SET_REGISTER, VM_GET_REGISTER,
 	    VM_SET_SEGMENT_DESCRIPTOR, VM_GET_SEGMENT_DESCRIPTOR,
 	    VM_SET_REGISTER_SET, VM_GET_REGISTER_SET,
 	    VM_SET_KERNEMU_DEV, VM_GET_KERNEMU_DEV,
@@ -1654,7 +1683,7 @@ vm_get_ioctls(size_t *len)
 	    VM_ISA_DEASSERT_IRQ, VM_ISA_PULSE_IRQ, VM_ISA_SET_IRQ_TRIGGER,
 	    VM_SET_CAPABILITY, VM_GET_CAPABILITY, VM_BIND_PPTDEV,
 	    VM_UNBIND_PPTDEV, VM_MAP_PPTDEV_MMIO, VM_PPTDEV_MSI,
-	    VM_PPTDEV_MSIX, VM_PPTDEV_DISABLE_MSIX,
+	    VM_PPTDEV_MSIX, VM_UNMAP_PPTDEV_MMIO, VM_PPTDEV_DISABLE_MSIX,
 	    VM_INJECT_NMI, VM_STATS, VM_STAT_DESC,
 	    VM_SET_X2APIC_STATE, VM_GET_X2APIC_STATE,
 	    VM_GET_HPET_CAPABILITIES, VM_GET_GPA_PMAP, VM_GLA2GPA,
diff --git a/lib/libvmmapi/vmmapi.h b/lib/libvmmapi/vmmapi.h
index 2fe2bf7906a4..55ca7395d63b 100644
--- a/lib/libvmmapi/vmmapi.h
+++ b/lib/libvmmapi/vmmapi.h
@@ -111,6 +111,8 @@ void	*vm_create_devmem(struct vmctx *ctx, int segid, const char *name,
 int	vm_mmap_memseg(struct vmctx *ctx, vm_paddr_t gpa, int segid,
 	    vm_ooffset_t segoff, size_t len, int prot);
 
+int	vm_munmap_memseg(struct vmctx *ctx, vm_paddr_t gpa, size_t len);
+
 int	vm_create(const char *name);
 int	vm_get_device_fd(struct vmctx *ctx);
 struct vmctx *vm_open(const char *name);
@@ -176,6 +178,8 @@ int	vm_assign_pptdev(struct vmctx *ctx, int bus, int slot, int func);
 int	vm_unassign_pptdev(struct vmctx *ctx, int bus, int slot, int func);
 int	vm_map_pptdev_mmio(struct vmctx *ctx, int bus, int slot, int func,
 			   vm_paddr_t gpa, size_t len, vm_paddr_t hpa);
+int	vm_unmap_pptdev_mmio(struct vmctx *ctx, int bus, int slot, int func,
+			     vm_paddr_t gpa, size_t len);
 int	vm_setup_pptdev_msi(struct vmctx *ctx, int vcpu, int bus, int slot,
 	    int func, uint64_t addr, uint64_t msg, int numvec);
 int	vm_setup_pptdev_msix(struct vmctx *ctx, int vcpu, int bus, int slot,
diff --git a/sys/amd64/include/vmm.h b/sys/amd64/include/vmm.h
index 390d8f5699ac..f265237a5303 100644
--- a/sys/amd64/include/vmm.h
+++ b/sys/amd64/include/vmm.h
@@ -231,6 +231,7 @@ int vm_set_topology(struct vm *vm, uint16_t sockets, uint16_t cores,
  */
 int vm_mmap_memseg(struct vm *vm, vm_paddr_t gpa, int segid, vm_ooffset_t off,
     size_t len, int prot, int flags);
+int vm_munmap_memseg(struct vm *vm, vm_paddr_t gpa, size_t len);
 int vm_alloc_memseg(struct vm *vm, int ident, size_t len, bool sysmem);
 void vm_free_memseg(struct vm *vm, int ident);
 int vm_map_mmio(struct vm *vm, vm_paddr_t gpa, size_t len, vm_paddr_t hpa);
diff --git a/sys/amd64/include/vmm_dev.h b/sys/amd64/include/vmm_dev.h
index e4204e759bf6..a048e05d4b7c 100644
--- a/sys/amd64/include/vmm_dev.h
+++ b/sys/amd64/include/vmm_dev.h
@@ -49,6 +49,11 @@ struct vm_memmap {
 #define	VM_MEMMAP_F_WIRED	0x01
 #define	VM_MEMMAP_F_IOMMU	0x02
 
+struct vm_munmap {
+	vm_paddr_t	gpa;
+	size_t		len;
+};
+
 #define	VM_MEMSEG_NAME(m)	((m)->name[0] != '\0' ? (m)->name : NULL)
 struct vm_memseg {
 	int		segid;
@@ -270,6 +275,7 @@ enum {
 	IOCNUM_MMAP_MEMSEG = 16,
 	IOCNUM_MMAP_GETNEXT = 17,
 	IOCNUM_GLA2GPA_NOFAULT = 18,
+	IOCNUM_MUNMAP_MEMSEG = 19,
 
 	/* register/state accessors */
 	IOCNUM_SET_REGISTER = 20,
@@ -302,6 +308,7 @@ enum {
 	IOCNUM_PPTDEV_MSI = 43,
 	IOCNUM_PPTDEV_MSIX = 44,
 	IOCNUM_PPTDEV_DISABLE_MSIX = 45,
+	IOCNUM_UNMAP_PPTDEV_MMIO = 46,
 
 	/* statistics */
 	IOCNUM_VM_STATS = 50, 
@@ -358,6 +365,8 @@ enum {
 	_IOW('v', IOCNUM_MMAP_MEMSEG, struct vm_memmap)
 #define	VM_MMAP_GETNEXT	\
 	_IOWR('v', IOCNUM_MMAP_GETNEXT, struct vm_memmap)
+#define	VM_MUNMAP_MEMSEG	\
+	_IOW('v', IOCNUM_MUNMAP_MEMSEG, struct vm_munmap)
 #define	VM_SET_REGISTER \
 	_IOW('v', IOCNUM_SET_REGISTER, struct vm_register)
 #define	VM_GET_REGISTER \
@@ -416,6 +425,8 @@ enum {
 	_IOW('v', IOCNUM_PPTDEV_MSIX, struct vm_pptdev_msix)
 #define	VM_PPTDEV_DISABLE_MSIX \
 	_IOW('v', IOCNUM_PPTDEV_DISABLE_MSIX, struct vm_pptdev)
+#define	VM_UNMAP_PPTDEV_MMIO \
+	_IOW('v', IOCNUM_UNMAP_PPTDEV_MMIO, struct vm_pptdev_mmio)
 #define VM_INJECT_NMI \
 	_IOW('v', IOCNUM_INJECT_NMI, struct vm_nmi)
 #define	VM_STATS \
diff --git a/sys/amd64/vmm/io/ppt.c b/sys/amd64/vmm/io/ppt.c
index 22ad54093081..a936326e8df3 100644
--- a/sys/amd64/vmm/io/ppt.c
+++ b/sys/amd64/vmm/io/ppt.c
@@ -224,7 +224,7 @@ ppt_find(struct vm *vm, int bus, int slot, int func, struct pptdev **pptp)
 }
 
 static void
-ppt_unmap_mmio(struct vm *vm, struct pptdev *ppt)
+ppt_unmap_all_mmio(struct vm *vm, struct pptdev *ppt)
 {
 	int i;
 	struct pptseg *seg;
@@ -412,7 +412,7 @@ ppt_unassign_device(struct vm *vm, int bus, int slot, int func)
 	pci_save_state(ppt->dev);
 	ppt_pci_reset(ppt->dev);
 	pci_restore_state(ppt->dev);
-	ppt_unmap_mmio(vm, ppt);
+	ppt_unmap_all_mmio(vm, ppt);
 	ppt_teardown_msi(ppt);
 	ppt_teardown_msix(ppt);
 	iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev));
@@ -466,6 +466,32 @@ ppt_map_mmio(struct vm *vm, int bus, int slot, int func,
 	return (ENOSPC);
 }
 
+int
+ppt_unmap_mmio(struct vm *vm, int bus, int slot, int func,
+	       vm_paddr_t gpa, size_t len)
+{
+	int i, error;
+	struct pptseg *seg;
+	struct pptdev *ppt;
+
+	error = ppt_find(vm, bus, slot, func, &ppt);
+	if (error)
+		return (error);
+
+	for (i = 0; i < MAX_MMIOSEGS; i++) {
+		seg = &ppt->mmio[i];
+		if (seg->gpa == gpa && seg->len == len) {
+			error = vm_unmap_mmio(vm, seg->gpa, seg->len);
+			if (error == 0) {
+				seg->gpa = 0;
+				seg->len = 0;
+			}
+			return (error);
+		}
+	}
+	return (ENOENT);
+}
+
 static int
 pptintr(void *arg)
 {
diff --git a/sys/amd64/vmm/io/ppt.h b/sys/amd64/vmm/io/ppt.h
index 223afb343e8c..e6339f57b8ad 100644
--- a/sys/amd64/vmm/io/ppt.h
+++ b/sys/amd64/vmm/io/ppt.h
@@ -34,6 +34,8 @@
 int	ppt_unassign_all(struct vm *vm);
 int	ppt_map_mmio(struct vm *vm, int bus, int slot, int func,
 		     vm_paddr_t gpa, size_t len, vm_paddr_t hpa);
+int	ppt_unmap_mmio(struct vm *vm, int bus, int slot, int func,
+		       vm_paddr_t gpa, size_t len);
 int	ppt_setup_msi(struct vm *vm, int vcpu, int bus, int slot, int func,
 		      uint64_t addr, uint64_t msg, int numvec);
 int	ppt_setup_msix(struct vm *vm, int vcpu, int bus, int slot, int func,
diff --git a/sys/amd64/vmm/vmm.c b/sys/amd64/vmm/vmm.c
index 893c9626e67f..5c2a404f45a7 100644
--- a/sys/amd64/vmm/vmm.c
+++ b/sys/amd64/vmm/vmm.c
@@ -797,6 +797,24 @@ vm_mmap_memseg(struct vm *vm, vm_paddr_t gpa, int segid, vm_ooffset_t first,
 	return (0);
 }
 
+int
+vm_munmap_memseg(struct vm *vm, vm_paddr_t gpa, size_t len)
+{
+	struct mem_map *m;
+	int i;
+
+	for (i = 0; i < VM_MAX_MEMMAPS; i++) {
+		m = &vm->mem_maps[i];
+		if (m->gpa == gpa && m->len == len &&
+		    (m->flags & VM_MEMMAP_F_IOMMU) == 0) {
+			vm_free_memmap(vm, i);
+			return (0);
+		}
+	}
+
+	return (EINVAL);
+}
+
 int
 vm_mmap_getnext(struct vm *vm, vm_paddr_t *gpa, int *segid,
     vm_ooffset_t *segoff, size_t *len, int *prot, int *flags)
diff --git a/sys/amd64/vmm/vmm_dev.c b/sys/amd64/vmm/vmm_dev.c
index da8c051016ec..2da6225fdddd 100644
--- a/sys/amd64/vmm/vmm_dev.c
+++ b/sys/amd64/vmm/vmm_dev.c
@@ -381,6 +381,7 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
 	struct vm_rtc_time *rtctime;
 	struct vm_rtc_data *rtcdata;
 	struct vm_memmap *mm;
+	struct vm_munmap *mu;
 	struct vm_cpu_topology *topology;
 	struct vm_readwrite_kernemu_device *kernemu;
 	uint64_t *regvals;
@@ -435,6 +436,7 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
 		break;
 
 	case VM_MAP_PPTDEV_MMIO:
+	case VM_UNMAP_PPTDEV_MMIO:
 	case VM_BIND_PPTDEV:
 	case VM_UNBIND_PPTDEV:
 #ifdef COMPAT_FREEBSD12
@@ -442,6 +444,7 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
 #endif
 	case VM_ALLOC_MEMSEG:
 	case VM_MMAP_MEMSEG:
+	case VM_MUNMAP_MEMSEG:
 	case VM_REINIT:
 		/*
 		 * ioctls that operate on the entire virtual machine must
@@ -525,6 +528,11 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
 				     pptmmio->func, pptmmio->gpa, pptmmio->len,
 				     pptmmio->hpa);
 		break;
+	case VM_UNMAP_PPTDEV_MMIO:
+		pptmmio = (struct vm_pptdev_mmio *)data;
+		error = ppt_unmap_mmio(sc->vm, pptmmio->bus, pptmmio->slot,
+				       pptmmio->func, pptmmio->gpa, pptmmio->len);
+		break;
 	case VM_BIND_PPTDEV:
 		pptdev = (struct vm_pptdev *)data;
 		error = vm_assign_pptdev(sc->vm, pptdev->bus, pptdev->slot,
@@ -643,6 +651,10 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
 		error = vm_mmap_memseg(sc->vm, mm->gpa, mm->segid, mm->segoff,
 		    mm->len, mm->prot, mm->flags);
 		break;
+	case VM_MUNMAP_MEMSEG:
+		mu = (struct vm_munmap *)data;
+		error = vm_munmap_memseg(sc->vm, mu->gpa, mu->len);
+		break;
 #ifdef COMPAT_FREEBSD12
 	case VM_ALLOC_MEMSEG_FBSD12:
 		error = alloc_memseg(sc, (struct vm_memseg *)data,
diff --git a/usr.sbin/bhyve/pci_emul.c b/usr.sbin/bhyve/pci_emul.c
index 803ab0be38bb..a593b08bfd9b 100644
--- a/usr.sbin/bhyve/pci_emul.c
+++ b/usr.sbin/bhyve/pci_emul.c
@@ -461,10 +461,12 @@ pci_emul_alloc_resource(uint64_t *baseptr, uint64_t limit, uint64_t size,
 static void
 modify_bar_registration(struct pci_devinst *pi, int idx, int registration)
 {
+	struct pci_devemu *pe;
 	int error;
 	struct inout_port iop;
 	struct mem_range mr;
 
+	pe = pi->pi_d;
 	switch (pi->pi_bar[idx].type) {
 	case PCIBAR_IO:
 		bzero(&iop, sizeof(struct inout_port));
@@ -478,6 +480,9 @@ modify_bar_registration(struct pci_devinst *pi, int idx, int registration)
 			error = register_inout(&iop);
 		} else
 			error = unregister_inout(&iop);
+		if (pe->pe_baraddr != NULL)
+			(*pe->pe_baraddr)(pi->pi_vmctx, pi, idx, registration,
+					  pi->pi_bar[idx].addr);
 		break;
 	case PCIBAR_MEM32:
 	case PCIBAR_MEM64:
@@ -493,6 +498,9 @@ modify_bar_registration(struct pci_devinst *pi, int idx, int registration)
 			error = register_mem(&mr);
 		} else
 			error = unregister_mem(&mr);
+		if (pe->pe_baraddr != NULL)
+			(*pe->pe_baraddr)(pi->pi_vmctx, pi, idx, registration,
+					  pi->pi_bar[idx].addr);
 		break;
 	default:
 		error = EINVAL;
diff --git a/usr.sbin/bhyve/pci_emul.h b/usr.sbin/bhyve/pci_emul.h
index 3e9e95a74b47..efc5363d0046 100644
--- a/usr.sbin/bhyve/pci_emul.h
+++ b/usr.sbin/bhyve/pci_emul.h
@@ -73,6 +73,9 @@ struct pci_devemu {
 				struct pci_devinst *pi, int baridx,
 				uint64_t offset, int size);
 
+	void	(*pe_baraddr)(struct vmctx *ctx, struct pci_devinst *pi,
+			      int baridx, int enabled, uint64_t address);
+
 	/* Save/restore device state */
 	int	(*pe_snapshot)(struct vm_snapshot_meta *meta);
 	int	(*pe_pause)(struct vmctx *ctx, struct pci_devinst *pi);
diff --git a/usr.sbin/bhyve/pci_fbuf.c b/usr.sbin/bhyve/pci_fbuf.c
index 0bd740a0908c..3fda7ec75044 100644
--- a/usr.sbin/bhyve/pci_fbuf.c
+++ b/usr.sbin/bhyve/pci_fbuf.c
@@ -224,6 +224,30 @@ pci_fbuf_read(struct vmctx *ctx, int vcpu, struct pci_devinst *pi,
 	return (value);
 }
 
+static void
+pci_fbuf_baraddr(struct vmctx *ctx, struct pci_devinst *pi, int baridx,
+		 int enabled, uint64_t address)
+{
+	struct pci_fbuf_softc *sc;
+	int prot;
+
+	if (baridx != 1)
+		return;
+
+	sc = pi->pi_arg;
+	if (!enabled && sc->fbaddr != 0) {
+		if (vm_munmap_memseg(ctx, sc->fbaddr, FB_SIZE) != 0)
+			EPRINTLN("pci_fbuf: munmap_memseg failed");
+		sc->fbaddr = 0;
+	} else if (sc->fb_base != NULL && sc->fbaddr == 0) {
+		prot = PROT_READ | PROT_WRITE;
+		if (vm_mmap_memseg(ctx, address, VM_FRAMEBUFFER, 0, FB_SIZE, prot) != 0)
+			EPRINTLN("pci_fbuf: mmap_memseg failed");
+		sc->fbaddr = address;
+	}
+}
+
+
 static int
 pci_fbuf_parse_opts(struct pci_fbuf_softc *sc, char *opts)
 {
@@ -459,6 +483,7 @@ struct pci_devemu pci_fbuf = {
 	.pe_init =	pci_fbuf_init,
 	.pe_barwrite =	pci_fbuf_write,
 	.pe_barread =	pci_fbuf_read,
+	.pe_baraddr =	pci_fbuf_baraddr,
 #ifdef BHYVE_SNAPSHOT
 	.pe_snapshot =	pci_fbuf_snapshot,
 #endif
diff --git a/usr.sbin/bhyve/pci_passthru.c b/usr.sbin/bhyve/pci_passthru.c
index 3305a4854812..3ec6b858c348 100644
--- a/usr.sbin/bhyve/pci_passthru.c
+++ b/usr.sbin/bhyve/pci_passthru.c
@@ -438,8 +438,8 @@ static int
 init_msix_table(struct vmctx *ctx, struct passthru_softc *sc, uint64_t base)
 {
 	int b, s, f;
-	int error, idx;
-	size_t len, remaining;
+	int idx;
+	size_t remaining;
 	uint32_t table_size, table_offset;
 	uint32_t pba_size, pba_offset;
 	vm_paddr_t start;
@@ -501,31 +501,6 @@ init_msix_table(struct vmctx *ctx, struct passthru_softc *sc, uint64_t base)
 		}
 	}
 
-	/* Map everything before the MSI-X table */
-	if (table_offset > 0) {
-		len = table_offset;
-		error = vm_map_pptdev_mmio(ctx, b, s, f, start, len, base);
-		if (error)
-			return (error);
-
-		base += len;
-		start += len;
-		remaining -= len;
-	}
-
-	/* Skip the MSI-X table */
-	base += table_size;
-	start += table_size;
-	remaining -= table_size;
-
-	/* Map everything beyond the end of the MSI-X table */
-	if (remaining > 0) {
-		len = remaining;
-		error = vm_map_pptdev_mmio(ctx, b, s, f, start, len, base);
-		if (error)
-			return (error);
-	}
-
 	return (0);
 }
 
@@ -592,13 +567,6 @@ cfginitbar(struct vmctx *ctx, struct passthru_softc *sc)
 			error = init_msix_table(ctx, sc, base);
 			if (error) 
 				return (-1);
-		} else if (bartype != PCIBAR_IO) {
-			/* Map the physical BAR in the guest MMIO space */
-			error = vm_map_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
-				sc->psc_sel.pc_dev, sc->psc_sel.pc_func,
-				pi->pi_bar[i].addr, pi->pi_bar[i].size, base);
-			if (error)
-				return (-1);
 		}
 
 		/*
@@ -954,6 +922,92 @@ passthru_read(struct vmctx *ctx, int vcpu, struct pci_devinst *pi, int baridx,
 	return (val);
 }
 
+static void
+passthru_msix_addr(struct vmctx *ctx, struct pci_devinst *pi, int baridx,
+		   int enabled, uint64_t address)
+{
+	struct passthru_softc *sc;
+	size_t remaining;
+	uint32_t table_size, table_offset;
+
+	sc = pi->pi_arg;
+	table_offset = rounddown2(pi->pi_msix.table_offset, 4096);
+	if (table_offset > 0) {
+		if (!enabled) {
+			if (vm_unmap_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+						 sc->psc_sel.pc_dev,
+						 sc->psc_sel.pc_func, address,
+						 table_offset) != 0)
+				warnx("pci_passthru: unmap_pptdev_mmio failed");
+		} else {
+			if (vm_map_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+					       sc->psc_sel.pc_dev,
+					       sc->psc_sel.pc_func, address,
+					       table_offset,
+					       sc->psc_bar[baridx].addr) != 0)
+				warnx("pci_passthru: map_pptdev_mmio failed");
+		}
+	}
+	table_size = pi->pi_msix.table_offset - table_offset;
+	table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE;
+	table_size = roundup2(table_size, 4096);
+	remaining = pi->pi_bar[baridx].size - table_offset - table_size;
+	if (remaining > 0) {
+		address += table_offset + table_size;
+		if (!enabled) {
+			if (vm_unmap_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+						 sc->psc_sel.pc_dev,
+						 sc->psc_sel.pc_func, address,
+						 remaining) != 0)
+				warnx("pci_passthru: unmap_pptdev_mmio failed");
+		} else {
+			if (vm_map_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+					       sc->psc_sel.pc_dev,
+					       sc->psc_sel.pc_func, address,
+					       remaining,
+					       sc->psc_bar[baridx].addr +
+					       table_offset + table_size) != 0)
+				warnx("pci_passthru: map_pptdev_mmio failed");
+		}
+	}
+}
+
+static void
+passthru_mmio_addr(struct vmctx *ctx, struct pci_devinst *pi, int baridx,
+		   int enabled, uint64_t address)
+{
+	struct passthru_softc *sc;
+
+	sc = pi->pi_arg;
+	if (!enabled) {
+		if (vm_unmap_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+					 sc->psc_sel.pc_dev,
+					 sc->psc_sel.pc_func, address,
+					 sc->psc_bar[baridx].size) != 0)
+			warnx("pci_passthru: unmap_pptdev_mmio failed");
+	} else {
+		if (vm_map_pptdev_mmio(ctx, sc->psc_sel.pc_bus,
+				       sc->psc_sel.pc_dev,
+				       sc->psc_sel.pc_func, address,
+				       sc->psc_bar[baridx].size,
+				       sc->psc_bar[baridx].addr) != 0)
+			warnx("pci_passthru: map_pptdev_mmio failed");
+	}
+}
+
+static void
+passthru_addr(struct vmctx *ctx, struct pci_devinst *pi, int baridx,
+	      int enabled, uint64_t address)
+{
+
+	if (pi->pi_bar[baridx].type == PCIBAR_IO)
+		return;
+	if (baridx == pci_msix_table_bar(pi))
+		passthru_msix_addr(ctx, pi, baridx, enabled, address);
+	else
+		passthru_mmio_addr(ctx, pi, baridx, enabled, address);
+}
+
 struct pci_devemu passthru = {
 	.pe_emu		= "passthru",
 	.pe_init	= passthru_init,
@@ -961,5 +1015,6 @@ struct pci_devemu passthru = {
 	.pe_cfgread	= passthru_cfgread,
 	.pe_barwrite 	= passthru_write,
 	.pe_barread    	= passthru_read,
+	.pe_baraddr	= passthru_addr,
 };
 PCI_EMUL_SET(passthru);

From owner-dev-commits-src-branches@freebsd.org  Fri Mar 26 15:59:43 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D7D8D57B0E1;
 Fri, 26 Mar 2021 15:59:43 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6RW35rR7z4r3b;
 Fri, 26 Mar 2021 15:59:43 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Received: from John-Baldwins-MacBook-Pro.local (ralph.baldwin.cx
 [66.234.199.215])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate) (Authenticated sender: jhb)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 50D36285B8;
 Fri, 26 Mar 2021 15:59:43 +0000 (UTC) (envelope-from jhb@FreeBSD.org)
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
To: Jung-uk Kim <jkim@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
 <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
 <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
From: John Baldwin <jhb@FreeBSD.org>
Message-ID: <f7741c4c-3b85-afe3-7b64-d34b1a4714ea@FreeBSD.org>
Date: Fri, 26 Mar 2021 08:59:39 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0)
 Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 15:59:43 -0000

On 3/25/21 2:03 PM, Jung-uk Kim wrote:
> On 21. 3. 25., John Baldwin wrote:
>> On 3/25/21 10:13 AM, Jung-uk Kim wrote:
>>> The branch stable/12 has been updated by jkim:
>>>
>>> URL:
>>> https://cgit.FreeBSD.org/src/commit/?id=18d07050e60ecc738556f0de56e34817303371a4
>>>
>>>
>>> commit 18d07050e60ecc738556f0de56e34817303371a4
>>> Author:     Jung-uk Kim <jkim@FreeBSD.org>
>>> AuthorDate: 2021-03-25 15:45:19 +0000
>>> Commit:     Jung-uk Kim <jkim@FreeBSD.org>
>>> CommitDate: 2021-03-25 17:04:27 +0000
>>>
>>>       OpenSSL: Merge OpenSSL 1.1.1k
>>>            Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380'
>>>            (cherry picked from commit
>>> b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
>>
>> FYI, this merge includes fixes to support /dev/crypto on 12.x (it already
>> worked on 13.0 due to changes in how /dev/crypto worked).  The /dev/crypto
>> support in OpenSSL is fairly minimal at the moment however and only
>> tries to offload AES-CBC operations.
> 
> Note, however, the code is NOT built by default on stable/12.  If you
> want to build it, you need r342009 (f622545b79c4).
> 
> https://cgit.freebsd.org/src/commit?id=f622545b79c4

Ah, good to know then.  Given it's current limited utility I don't think it is
worth merging that change back to stable/12.

-- 
John Baldwin

From owner-dev-commits-src-branches@freebsd.org  Fri Mar 26 16:03:41 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id DEF9157B1E8;
 Fri, 26 Mar 2021 16:03:41 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org
 [IPv6:2610:1c1:1:606c::24b:4])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6Rbd5sQPz4rlV;
 Fri, 26 Mar 2021 16:03:41 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from freefall.freebsd.org (pool-100-8-53-238.nwrknj.fios.verizon.net
 [100.8.53.238])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 (Authenticated sender: jkim/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id A87C328F1C;
 Fri, 26 Mar 2021 16:03:41 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
To: John Baldwin <jhb@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
 <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
 <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
 <f7741c4c-3b85-afe3-7b64-d34b1a4714ea@FreeBSD.org>
From: Jung-uk Kim <jkim@FreeBSD.org>
Organization: FreeBSD.org
Message-ID: <d5706346-dde8-4682-fc5a-6ffa19005850@FreeBSD.org>
Date: Fri, 26 Mar 2021 12:03:41 -0400
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101
 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <f7741c4c-3b85-afe3-7b64-d34b1a4714ea@FreeBSD.org>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="vRvC0Tn5wzNW5gJYN1F1AT6vZYeHWYtiZ"
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 16:03:41 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--vRvC0Tn5wzNW5gJYN1F1AT6vZYeHWYtiZ
Content-Type: multipart/mixed; boundary="Orn02h8DkSz4A0TOXNfhzwnkLS8anzTev";
 protected-headers="v1"
From: Jung-uk Kim <jkim@FreeBSD.org>
To: John Baldwin <jhb@FreeBSD.org>, src-committers@FreeBSD.org,
 dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Message-ID: <d5706346-dde8-4682-fc5a-6ffa19005850@FreeBSD.org>
Subject: Re: git: 18d07050e60e - stable/12 - OpenSSL: Merge OpenSSL 1.1.1k
References: <202103251713.12PHDmmu053498@gitrepo.freebsd.org>
 <8f6e7d21-5612-9141-64f4-841118e5adf5@FreeBSD.org>
 <7c06b687-7195-edd3-ca95-88ab6a9354be@FreeBSD.org>
 <f7741c4c-3b85-afe3-7b64-d34b1a4714ea@FreeBSD.org>
In-Reply-To: <f7741c4c-3b85-afe3-7b64-d34b1a4714ea@FreeBSD.org>

--Orn02h8DkSz4A0TOXNfhzwnkLS8anzTev
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 21. 3. 26., John Baldwin wrote:
> On 3/25/21 2:03 PM, Jung-uk Kim wrote:
>> On 21. 3. 25., John Baldwin wrote:
>>> On 3/25/21 10:13 AM, Jung-uk Kim wrote:
>>>> The branch stable/12 has been updated by jkim:
>>>>
>>>> URL:
>>>> https://cgit.FreeBSD.org/src/commit/?id=3D18d07050e60ecc738556f0de56=
e34817303371a4
>>>>
>>>>
>>>>
>>>> commit 18d07050e60ecc738556f0de56e34817303371a4
>>>> Author:=C2=A0=C2=A0=C2=A0=C2=A0 Jung-uk Kim <jkim@FreeBSD.org>
>>>> AuthorDate: 2021-03-25 15:45:19 +0000
>>>> Commit:=C2=A0=C2=A0=C2=A0=C2=A0 Jung-uk Kim <jkim@FreeBSD.org>
>>>> CommitDate: 2021-03-25 17:04:27 +0000
>>>>
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 OpenSSL: Merge OpenSSL 1.1.1k
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0 Merge commit=20
'94fa08a4bcdfbb3434b025d67d014af3b18e5380'
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0 (cherry pick=
ed from commit
>>>> b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba)
>>>
>>> FYI, this merge includes fixes to support /dev/crypto on 12.x (it
>>> already
>>> worked on 13.0 due to changes in how /dev/crypto worked).=C2=A0 The
>>> /dev/crypto
>>> support in OpenSSL is fairly minimal at the moment however and only
>>> tries to offload AES-CBC operations.
>>
>> Note, however, the code is NOT built by default on stable/12.=C2=A0 If=20
you
>> want to build it, you need r342009 (f622545b79c4).
>>
>> https://cgit.freebsd.org/src/commit?id=3Df622545b79c4
>=20
> Ah, good to know then.=C2=A0 Given it's current limited utility I don't=20
think
> it is worth merging that change back to stable/12.

Agreed.

Jung-uk Kim


--Orn02h8DkSz4A0TOXNfhzwnkLS8anzTev--

--vRvC0Tn5wzNW5gJYN1F1AT6vZYeHWYtiZ
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

wsB5BAABCAAjFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAmBeBd0FAwAAAAAACgkQfJ+WJvzb8UZ6
xwgAiaH1nyi+n0HbJuBri/L0hxmd1sLUN0QWmFyrFX9aruk6bXd7xe+K+3GsxD5U9WEGoHFVPoHq
xyR1hlrknwDYe8r4cLEnH5a1EGp86t7AaOvAZdSEHWnaf8Tw/YLWTUAO1IvFUd++W7jb08lxZUk4
ykHK2ZXLfmhZ1f5DlNgrC/uzb3zh5S9KB0W93MTr1aJDDiwj9jYRv9IWQU9oOcB/RIwHiGcpBpQv
iHHpF8pejYZsgrVcWiW2OnUN+pPe4xERVMsvrWq+s6X37kGotnSaH37nJUcw1BZSa6s7ojSPlTPM
JdXQpxAi6cNzR2CQiX2Wg4H/H667SX9tLeRZkI9xaw==
=SKpg
-----END PGP SIGNATURE-----

--vRvC0Tn5wzNW5gJYN1F1AT6vZYeHWYtiZ--

From owner-dev-commits-src-branches@freebsd.org  Fri Mar 26 16:33:21 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E721757C6C5;
 Fri, 26 Mar 2021 16:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6SFs6Glgz4vCg;
 Fri, 26 Mar 2021 16:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BFF191D731;
 Fri, 26 Mar 2021 16:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12QGXLXr018679;
 Fri, 26 Mar 2021 16:33:21 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12QGXLh1018678;
 Fri, 26 Mar 2021 16:33:21 GMT (envelope-from git)
Date: Fri, 26 Mar 2021 16:33:21 GMT
Message-Id: <202103261633.12QGXLh1018678@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: fa6d101e5f67 - releng/13.0 - pf: Handle unmapped mbufs when
 computing checksums
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: fa6d101e5f67246a6804577a9532676eae64c049
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 16:33:22 -0000

The branch releng/13.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=fa6d101e5f67246a6804577a9532676eae64c049

commit fa6d101e5f67246a6804577a9532676eae64c049
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-23 13:38:59 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-26 16:33:12 +0000

    pf: Handle unmapped mbufs when computing checksums
    
    Approved by:    re (cperciva)
    PR:             254419
    Reviewed by:    gallatin, kp
    Tested by:      Igor A. Valkov <viaprog@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D29378
    
    (cherry picked from commit b93a796b06ec013a75a08ac43d8acf6aa94aa970)
    (cherry picked from commit 5fcab6fbcf8b99d1420e681731a07670c38defe3)
---
 sys/netpfil/pf/pf.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 4cccb0101650..0ff3e541ca20 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -5555,11 +5555,17 @@ pf_route(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp,
 	/* Copied from FreeBSD 10.0-CURRENT ip_output. */
 	m0->m_pkthdr.csum_flags |= CSUM_IP;
 	if (m0->m_pkthdr.csum_flags & CSUM_DELAY_DATA & ~ifp->if_hwassist) {
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		in_delayed_cksum(m0);
 		m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
 	}
 #if defined(SCTP) || defined(SCTP_SUPPORT)
 	if (m0->m_pkthdr.csum_flags & CSUM_SCTP & ~ifp->if_hwassist) {
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		sctp_delayed_cksum(m0, (uint32_t)(ip->ip_hl << 2));
 		m0->m_pkthdr.csum_flags &= ~CSUM_SCTP;
 	}
@@ -5717,6 +5723,9 @@ pf_route6(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp,
 	if (m0->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6 &
 	    ~ifp->if_hwassist) {
 		uint32_t plen = m0->m_pkthdr.len - sizeof(*ip6);
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		in6_delayed_cksum(m0, plen, sizeof(struct ip6_hdr));
 		m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6;
 	}

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 02:10:55 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B8A325B4840;
 Sat, 27 Mar 2021 02:10:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6j4H3lhwz4XWm;
 Sat, 27 Mar 2021 02:10:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 73D8425037;
 Sat, 27 Mar 2021 02:10:55 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12R2AtZ9025944;
 Sat, 27 Mar 2021 02:10:55 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12R2Atto025943;
 Sat, 27 Mar 2021 02:10:55 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 02:10:55 GMT
Message-Id: <202103270210.12R2Atto025943@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jessica Clarke <jrtc27@FreeBSD.org>
Subject: git: 5a9fe096f14c - stable/13 - tools/build: Improve host-symlinks
 failure mode
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jrtc27
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 5a9fe096f14c8e7630961b0284c55a60491fd217
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 02:10:55 -0000

The branch stable/13 has been updated by jrtc27:

URL: https://cgit.FreeBSD.org/src/commit/?id=5a9fe096f14c8e7630961b0284c55a60491fd217

commit 5a9fe096f14c8e7630961b0284c55a60491fd217
Author:     Jessica Clarke <jrtc27@FreeBSD.org>
AuthorDate: 2021-03-20 13:00:34 +0000
Commit:     Jessica Clarke <jrtc27@FreeBSD.org>
CommitDate: 2021-03-27 02:10:29 +0000

    tools/build: Improve host-symlinks failure mode
    
    Since set -e is enabled by sys.mk, if the tool cannot be found in PATH
    then the entire shell command line fails, causing us to not print the
    error message below and instead silently (due to the @) fail, only
    getting the usual "Error code 1" print from bmake. Thus, provide a dummy
    default that will never exist (the same as is used by meta2deps.sh) if
    which fails so that we get the error message as intended.
    
    (cherry picked from commit 8c9e45503fe41732f72e1a4cc9a231e63b4289ba)
---
 tools/build/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/build/Makefile b/tools/build/Makefile
index effe8b9cb31d..31d027f75ce2 100644
--- a/tools/build/Makefile
+++ b/tools/build/Makefile
@@ -301,7 +301,8 @@ _host_tools_to_symlink:=${_host_tools_to_symlink:Nsh}
 host-symlinks:
 	@echo "Linking host tools into ${DESTDIR}/bin"
 .for _tool in ${_host_tools_to_symlink}
-	@export PATH=$${PATH}:/usr/local/bin; source_path=`which ${_tool}`; \
+	@export PATH=$${PATH}:/usr/local/bin; \
+	source_path=`which ${_tool} || echo /dev/null/no/such`; \
 	if [ ! -e "$${source_path}" ] ; then \
 		echo "Cannot find host tool '${_tool}' in PATH ($$PATH)." >&2; false; \
 	fi; \

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 02:10:56 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B33D15B48AF;
 Sat, 27 Mar 2021 02:10:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6j4J4lZWz4XWn;
 Sat, 27 Mar 2021 02:10:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 95B2024B7C;
 Sat, 27 Mar 2021 02:10:56 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12R2AugN025966;
 Sat, 27 Mar 2021 02:10:56 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12R2AulH025965;
 Sat, 27 Mar 2021 02:10:56 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 02:10:56 GMT
Message-Id: <202103270210.12R2AulH025965@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Jessica Clarke <jrtc27@FreeBSD.org>
Subject: git: a20427cc0391 - stable/13 - elftoolchain: Support building on
 Arm-based Macs
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jrtc27
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: a20427cc039191ec0488873cdcee16604f5a8c7c
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 02:10:56 -0000

The branch stable/13 has been updated by jrtc27:

URL: https://cgit.FreeBSD.org/src/commit/?id=a20427cc039191ec0488873cdcee16604f5a8c7c

commit a20427cc039191ec0488873cdcee16604f5a8c7c
Author:     Jessica Clarke <jrtc27@FreeBSD.org>
AuthorDate: 2021-03-20 17:58:10 +0000
Commit:     Jessica Clarke <jrtc27@FreeBSD.org>
CommitDate: 2021-03-27 02:10:29 +0000

    elftoolchain: Support building on Arm-based Macs
    
    Currently macOS and DragonFlyBSD get their own special case and only
    handle x86. Since all the FreeBSD cases should be general enough for
    macOS and DragonFlyBSD (and the x86 ones are identical to the existing
    ones) we can just delete the special cases and reuse the FreeBSD ones.
    
    Note that upstream has since removed all the architecture-specific
    checks in this file, with the only code relevant to us being an
    endianness check that uses the generic compiler-provided macros. Thus
    this patch will not be upstreamed, and will be dropped in a future
    vendor import.
    
    (cherry picked from commit 839fdcfc0c1dba34f728813d9756515ad82ff58a)
---
 contrib/elftoolchain/libelf/_libelf_config.h | 22 ++++------------------
 1 file changed, 4 insertions(+), 18 deletions(-)

diff --git a/contrib/elftoolchain/libelf/_libelf_config.h b/contrib/elftoolchain/libelf/_libelf_config.h
index 05869757f663..0f16f3aefde5 100644
--- a/contrib/elftoolchain/libelf/_libelf_config.h
+++ b/contrib/elftoolchain/libelf/_libelf_config.h
@@ -26,25 +26,11 @@
  * $Id: _libelf_config.h 3764 2019-06-28 21:44:46Z emaste $
  */
 
-#if defined(__APPLE__) || defined(__DragonFly__)
-
-#if	defined(__amd64__)
-#define	LIBELF_ARCH		EM_X86_64
-#define	LIBELF_BYTEORDER	ELFDATA2LSB
-#define	LIBELF_CLASS		ELFCLASS64
-#elif	defined(__i386__)
-#define	LIBELF_ARCH		EM_386
-#define	LIBELF_BYTEORDER	ELFDATA2LSB
-#define	LIBELF_CLASS		ELFCLASS32
-#endif
-
-#endif	/* __DragonFly__ */
-
-#ifdef __FreeBSD__
+#if defined(__APPLE__) || defined(__DragonFly__) || defined(__FreeBSD__)
 
 /*
  * Define LIBELF_{ARCH,BYTEORDER,CLASS} based on the machine architecture.
- * See also: <machine/elf.h>.
+ * See also: <machine/elf.h> on FreeBSD.
  */
 
 #if	defined(__amd64__)
@@ -126,9 +112,9 @@
 #define	LIBELF_CLASS		ELFCLASS64
 
 #else
-#error	Unknown FreeBSD architecture.
+#error	Unknown architecture.
 #endif
-#endif  /* __FreeBSD__ */
+#endif  /*  defined(__APPLE__) || defined(__DragonFly__) || defined(__FreeBSD__) */
 
 /*
  * Definitions for Minix3.

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 11:09:43 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B8F805C04DF;
 Sat, 27 Mar 2021 11:09:43 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F6x1z4vDyz3KL9;
 Sat, 27 Mar 2021 11:09:43 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9AF9B3B96;
 Sat, 27 Mar 2021 11:09:43 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12RB9hGD074899;
 Sat, 27 Mar 2021 11:09:43 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12RB9hHY074898;
 Sat, 27 Mar 2021 11:09:43 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 11:09:43 GMT
Message-Id: <202103271109.12RB9hHY074898@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Emmanuel Vadot <manu@FreeBSD.org>
Subject: git: 08639983e038 - stable/13 - release: amd64: Fix ISO/USB hybrid
 image
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: manu
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 08639983e0384556a37d19814f55417f604964a1
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 11:09:43 -0000

The branch stable/13 has been updated by manu:

URL: https://cgit.FreeBSD.org/src/commit/?id=08639983e0384556a37d19814f55417f604964a1

commit 08639983e0384556a37d19814f55417f604964a1
Author:     Emmanuel Vadot <manu@FreeBSD.org>
AuthorDate: 2021-03-27 11:04:51 +0000
Commit:     Emmanuel Vadot <manu@FreeBSD.org>
CommitDate: 2021-03-27 11:09:22 +0000

    release: amd64: Fix ISO/USB hybrid image
    
    Recent mkimg changes forces to have partitions given in explicit order.
    This is so we can have the first partition starting at a specific offset
    and the next ones starting after without having to specify an offset.
    Switch the partition in the mkisoimage.sh script so the first one created
    is the isoboot one.
    
    PR:    254490
    Reported by:    Michael Dexter <editor@callfortesting.org
    Tested by:      Vincent Milum Jr <freebsd@darkain.com>
    MFC after:      Right now
    
    (cherry picked from commit 90d2f7c413f9fc4ac479fa5e91ba1de6d4ea8d45)
---
 release/amd64/mkisoimages.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release/amd64/mkisoimages.sh b/release/amd64/mkisoimages.sh
index 1a1440fa1983..a9e8a2c04392 100644
--- a/release/amd64/mkisoimages.sh
+++ b/release/amd64/mkisoimages.sh
@@ -89,8 +89,8 @@ if [ "$bootable" != "" ]; then
 	$MKIMG -s gpt \
 	    --capacity $imgsize \
 	    -b "$BASEBITSDIR/boot/pmbr" \
-	    $espparam \
 	    -p freebsd-boot:="$BASEBITSDIR/boot/isoboot" \
+	    $espparam \
 	    -o hybrid.img
 
 	# Drop the PMBR, GPT, and boot code into the System Area of the ISO.

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 18:48:09 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 57A6B57D088;
 Sat, 27 Mar 2021 18:48:09 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F77Bx25xFz4Ysx;
 Sat, 27 Mar 2021 18:48:09 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3B134122F6;
 Sat, 27 Mar 2021 18:48:09 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12RIm9p5018099;
 Sat, 27 Mar 2021 18:48:09 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12RIm93a018097;
 Sat, 27 Mar 2021 18:48:09 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 18:48:09 GMT
Message-Id: <202103271848.12RIm93a018097@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Piotr Pawel Stefaniak <pstef@FreeBSD.org>
Subject: git: 0e9d4b8b7574 - stable/13 - security.7: fix typo in sysctl name
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: pstef
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0e9d4b8b75748064d0c8603304a4309e5b5645ca
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 18:48:09 -0000

The branch stable/13 has been updated by pstef:

URL: https://cgit.FreeBSD.org/src/commit/?id=0e9d4b8b75748064d0c8603304a4309e5b5645ca

commit 0e9d4b8b75748064d0c8603304a4309e5b5645ca
Author:     Piotr Pawel Stefaniak <pstef@FreeBSD.org>
AuthorDate: 2021-03-26 21:24:06 +0000
Commit:     Piotr Pawel Stefaniak <pstef@FreeBSD.org>
CommitDate: 2021-03-27 18:45:33 +0000

    security.7: fix typo in sysctl name
    
    It is machdep.syscall_ret_flush_l1d.
    
    (cherry picked from commit 4233882f4ed36bde0ad03918d3f9a54a0cd7697a)
---
 share/man/man7/security.7 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/share/man/man7/security.7 b/share/man/man7/security.7
index b4aeb5728313..bb7e120a1d46 100644
--- a/share/man/man7/security.7
+++ b/share/man/man7/security.7
@@ -1011,7 +1011,7 @@ Controls Speculative Store Bypass hardware information leak mitigation.
 amd64 and i386.
 Controls Indirect Branch Restricted Speculation hardware information leak
 mitigation.
-.It Dv machdep.syscall_ret_l1d_flush
+.It Dv machdep.syscall_ret_flush_l1d
 amd64.
 Controls force-flush of L1D cache on return from syscalls which report
 errors other than

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 20:58:35 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 669025A8028;
 Sat, 27 Mar 2021 20:58:35 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7B5R2RmMz4hFF;
 Sat, 27 Mar 2021 20:58:35 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 46A6F13E0B;
 Sat, 27 Mar 2021 20:58:35 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12RKwZeB099915;
 Sat, 27 Mar 2021 20:58:35 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12RKwZx3099914;
 Sat, 27 Mar 2021 20:58:35 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 20:58:35 GMT
Message-Id: <202103272058.12RKwZx3099914@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 85ad493677a2 - stable/13 - mountd(8): generate a syslog message
 when the "V4:" line is missing
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 85ad493677a28725505834f61f7ba2230bbb19b3
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 20:58:35 -0000

The branch stable/13 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=85ad493677a28725505834f61f7ba2230bbb19b3

commit 85ad493677a28725505834f61f7ba2230bbb19b3
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2021-03-09 00:08:02 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2021-03-27 19:52:15 +0000

    mountd(8): generate a syslog message when the "V4:" line is missing
    
    Daniel reported that NFSv4 mounts were not working despite having
    set "nfsv4_server_enable=YES" in /etc/rc.conf.  Mountd was logging a
    message that there was no /etc/exports file.
    He noted that creating a /etc/exports file with a "V4:" line in it
    was needed make NFSv4 mounts work.
    At least one "V4:" line in one of the exports(5) file(s) is needed to
    make NFSv4 mounts work. This patch fixes mountd.c so that it logs a
    message indicting that there is no "V4:" line in any exports(5)
    file when NFSv4 mounts are enabled.
    To avoid this message being generated erroneously, /etc/rc.d/mountd
    is updated to make sure vfs.nfsd.server_max_nfsvers is properly set
    before mountd(8) is started.
    
    PR:     253901
    
    (cherry picked from commit 09673fc0f36dd1cca74940a240a9ed0f62228084)
---
 libexec/rc/rc.d/mountd   |  3 +++
 usr.sbin/mountd/mountd.c | 18 +++++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/mountd b/libexec/rc/rc.d/mountd
index 85d04c37a018..ba573ad732cc 100755
--- a/libexec/rc/rc.d/mountd
+++ b/libexec/rc/rc.d/mountd
@@ -34,6 +34,9 @@ mountd_precmd()
 		rc_flags="${rc_flags} -R"
 	else
 		force_depend rpcbind || return 1
+		if ! checkyesno nfsv4_server_enable; then
+			sysctl vfs.nfsd.server_max_nfsvers=3 > /dev/null
+		fi
 	fi
 
 	# mountd flags will differ depending on rc.conf settings
diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
index 76972c66a6ed..c66ac13b3016 100644
--- a/usr.sbin/mountd/mountd.c
+++ b/usr.sbin/mountd/mountd.c
@@ -1888,10 +1888,11 @@ get_exportlist(int passno)
 	struct iovec *iov;
 	struct statfs *mntbufp;
 	char errmsg[255];
-	int num, i;
+	int error, i, nfs_maxvers, num;
 	int iovlen;
 	struct nfsex_args eargs;
 	FILE *debug_file;
+	size_t nfs_maxvers_size;
 
 	if ((debug_file = fopen(_PATH_MOUNTDDEBUG, "r")) != NULL) {
 		fclose(debug_file);
@@ -2015,6 +2016,21 @@ get_exportlist(int passno)
 		read_exportfile(0);
 	}
 
+	if (strlen(v4root_dirpath) == 0) {
+		/* Check to see if a V4: line is needed. */
+		nfs_maxvers_size = sizeof(nfs_maxvers);
+		error = sysctlbyname("vfs.nfsd.server_max_nfsvers",
+		    &nfs_maxvers, &nfs_maxvers_size, NULL, 0);
+		if (error != 0 || nfs_maxvers < NFS_VER2 || nfs_maxvers >
+		    NFS_VER4) {
+			syslog(LOG_ERR, "sysctlbyname(vfs.nfsd."
+			    "server_max_nfsvers) failed, defaulting to NFSv3");
+			nfs_maxvers = NFS_VER3;
+		}
+		if (nfs_maxvers == NFS_VER4)
+			syslog(LOG_ERR, "NFSv4 requires at least one V4: line");
+	}
+
 	if (iov != NULL) {
 		/* Free strings allocated by strdup() in getmntopts.c */
 		free(iov[0].iov_base); /* fstype */

From owner-dev-commits-src-branches@freebsd.org  Sat Mar 27 21:06:39 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 299D15A83E8;
 Sat, 27 Mar 2021 21:06:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7BGl0knCz4j0N;
 Sat, 27 Mar 2021 21:06:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0214E13DE0;
 Sat, 27 Mar 2021 21:06:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12RL6c5N014359;
 Sat, 27 Mar 2021 21:06:38 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12RL6cYh014358;
 Sat, 27 Mar 2021 21:06:38 GMT (envelope-from git)
Date: Sat, 27 Mar 2021 21:06:38 GMT
Message-Id: <202103272106.12RL6cYh014358@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 5cc4e912e031 - stable/12 - mountd(8): generate a syslog message
 when the "V4:" line is missing
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 5cc4e912e031c717e6ee6c2a0fd92137cc2dcefc
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 21:06:39 -0000

The branch stable/12 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=5cc4e912e031c717e6ee6c2a0fd92137cc2dcefc

commit 5cc4e912e031c717e6ee6c2a0fd92137cc2dcefc
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2021-03-09 00:08:02 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2021-03-27 20:03:51 +0000

    mountd(8): generate a syslog message when the "V4:" line is missing
    
    Daniel reported that NFSv4 mounts were not working despite having
    set "nfsv4_server_enable=YES" in /etc/rc.conf.  Mountd was logging a
    message that there was no /etc/exports file.
    He noted that creating a /etc/exports file with a "V4:" line in it
    was needed make NFSv4 mounts work.
    At least one "V4:" line in one of the exports(5) file(s) is needed to
    make NFSv4 mounts work. This patch fixes mountd.c so that it logs a
    message indicting that there is no "V4:" line in any exports(5)
    file when NFSv4 mounts are enabled.
    To avoid this message being generated erroneously, /etc/rc.d/mountd
    is updated to make sure vfs.nfsd.server_max_nfsvers is properly set
    before mountd(8) is started.
    
    PR:     253901
    
    (cherry picked from commit 09673fc0f36dd1cca74940a240a9ed0f62228084)
---
 libexec/rc/rc.d/mountd   |  3 +++
 usr.sbin/mountd/mountd.c | 18 +++++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/mountd b/libexec/rc/rc.d/mountd
index 85d04c37a018..ba573ad732cc 100755
--- a/libexec/rc/rc.d/mountd
+++ b/libexec/rc/rc.d/mountd
@@ -34,6 +34,9 @@ mountd_precmd()
 		rc_flags="${rc_flags} -R"
 	else
 		force_depend rpcbind || return 1
+		if ! checkyesno nfsv4_server_enable; then
+			sysctl vfs.nfsd.server_max_nfsvers=3 > /dev/null
+		fi
 	fi
 
 	# mountd flags will differ depending on rc.conf settings
diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
index 2936a1962a33..7e0927d96195 100644
--- a/usr.sbin/mountd/mountd.c
+++ b/usr.sbin/mountd/mountd.c
@@ -1871,10 +1871,11 @@ get_exportlist(int passno)
 	struct iovec *iov;
 	struct statfs *mntbufp;
 	char errmsg[255];
-	int num, i;
+	int error, i, nfs_maxvers, num;
 	int iovlen;
 	struct nfsex_args eargs;
 	FILE *debug_file;
+	size_t nfs_maxvers_size;
 
 	if ((debug_file = fopen(_PATH_MOUNTDDEBUG, "r")) != NULL) {
 		fclose(debug_file);
@@ -1998,6 +1999,21 @@ get_exportlist(int passno)
 		read_exportfile(0);
 	}
 
+	if (strlen(v4root_dirpath) == 0) {
+		/* Check to see if a V4: line is needed. */
+		nfs_maxvers_size = sizeof(nfs_maxvers);
+		error = sysctlbyname("vfs.nfsd.server_max_nfsvers",
+		    &nfs_maxvers, &nfs_maxvers_size, NULL, 0);
+		if (error != 0 || nfs_maxvers < NFS_VER2 || nfs_maxvers >
+		    NFS_VER4) {
+			syslog(LOG_ERR, "sysctlbyname(vfs.nfsd."
+			    "server_max_nfsvers) failed, defaulting to NFSv3");
+			nfs_maxvers = NFS_VER3;
+		}
+		if (nfs_maxvers == NFS_VER4)
+			syslog(LOG_ERR, "NFSv4 requires at least one V4: line");
+	}
+
 	if (iov != NULL) {
 		/* Free strings allocated by strdup() in getmntopts.c */
 		free(iov[0].iov_base); /* fstype */

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 00:25:24 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E7B155ADF62;
 Sun, 28 Mar 2021 00:25:23 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7Gh26lQgz4tpc;
 Sun, 28 Mar 2021 00:25:22 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5D22116B18;
 Sun, 28 Mar 2021 00:25:21 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12S0PKS0093282;
 Sun, 28 Mar 2021 00:25:20 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12S0PKrq093281;
 Sun, 28 Mar 2021 00:25:20 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 00:25:20 GMT
Message-Id: <202103280025.12S0PKrq093281@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 6008a5fad3c1 - stable/12 - accept_filter: Fix filter parameter
 handling
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 6008a5fad3c110c4ec03cc3fe60ce41c4e548b98
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 00:25:27 -0000

The branch stable/12 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=6008a5fad3c110c4ec03cc3fe60ce41c4e548b98

commit 6008a5fad3c110c4ec03cc3fe60ce41c4e548b98
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-25 21:55:20 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-28 00:25:19 +0000

    accept_filter: Fix filter parameter handling
    
    For filters which implement accf_create, the setsockopt(2) handler
    caches the filter name in the socket, but it also incorrectly frees the
    buffer containing the copy, leaving a dangling pointer.  Note that no
    accept filters provided in the base system are susceptible to this, as
    they don't implement accf_create.
    
    Reported by:    Alexey Kulaev <alex.qart@gmail.com>
    Discussed with: emaste
    Security:       kernel use-after-free
    MFC after:      3 days
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee)
---
 sys/kern/uipc_accf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/kern/uipc_accf.c b/sys/kern/uipc_accf.c
index 9aab541883d6..98cefe0789a8 100644
--- a/sys/kern/uipc_accf.c
+++ b/sys/kern/uipc_accf.c
@@ -298,6 +298,7 @@ accept_filt_setopt(struct socket *so, struct sockopt *sopt)
 	so->sol_accept_filter = afp;
 	so->sol_accept_filter_arg = accept_filter_arg;
 	so->sol_accept_filter_str = accept_filter_str;
+	accept_filter_str = NULL;
 	so->so_options |= SO_ACCEPTFILTER;
 out:
 	SOCK_UNLOCK(so);

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 00:25:27 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 879B35ADE42;
 Sun, 28 Mar 2021 00:25:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7Gh72Jq8z4tY3;
 Sun, 28 Mar 2021 00:25:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2D13F161FF;
 Sun, 28 Mar 2021 00:25:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12S0PRkW093421;
 Sun, 28 Mar 2021 00:25:27 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12S0PREl093420;
 Sun, 28 Mar 2021 00:25:27 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 00:25:27 GMT
Message-Id: <202103280025.12S0PREl093420@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: c7d10e7ec872 - stable/13 - accept_filter: Fix filter parameter
 handling
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c7d10e7ec872070a40bbddc3158b1997c1df09af
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 00:25:27 -0000

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c7d10e7ec872070a40bbddc3158b1997c1df09af

commit c7d10e7ec872070a40bbddc3158b1997c1df09af
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-25 21:55:20 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-28 00:24:15 +0000

    accept_filter: Fix filter parameter handling
    
    For filters which implement accf_create, the setsockopt(2) handler
    caches the filter name in the socket, but it also incorrectly frees the
    buffer containing the copy, leaving a dangling pointer.  Note that no
    accept filters provided in the base system are susceptible to this, as
    they don't implement accf_create.
    
    Reported by:    Alexey Kulaev <alex.qart@gmail.com>
    Discussed with: emaste
    Security:       kernel use-after-free
    MFC after:      3 days
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee)
---
 sys/kern/uipc_accf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/kern/uipc_accf.c b/sys/kern/uipc_accf.c
index debf4b2deeb1..3ca64dd21e25 100644
--- a/sys/kern/uipc_accf.c
+++ b/sys/kern/uipc_accf.c
@@ -299,6 +299,7 @@ accept_filt_setopt(struct socket *so, struct sockopt *sopt)
 	so->sol_accept_filter = afp;
 	so->sol_accept_filter_arg = accept_filter_arg;
 	so->sol_accept_filter_str = accept_filter_str;
+	accept_filter_str = NULL;
 	so->so_options |= SO_ACCEPTFILTER;
 out:
 	SOCK_UNLOCK(so);

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 00:25:27 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 628AC5AE08F;
 Sun, 28 Mar 2021 00:25:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7Gh65r3fz4tmv;
 Sun, 28 Mar 2021 00:25:26 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 10EE116846;
 Sun, 28 Mar 2021 00:25:26 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12S0PP99093402;
 Sun, 28 Mar 2021 00:25:25 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12S0PPfo093401;
 Sun, 28 Mar 2021 00:25:25 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 00:25:25 GMT
Message-Id: <202103280025.12S0PPfo093401@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 41a8dc361969 - stable/13 - pf: Handle unmapped mbufs when
 computing checksums
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 41a8dc361969629706827fb867cedaec3c270e68
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 00:25:27 -0000

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=41a8dc361969629706827fb867cedaec3c270e68

commit 41a8dc361969629706827fb867cedaec3c270e68
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-23 13:38:59 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-28 00:23:57 +0000

    pf: Handle unmapped mbufs when computing checksums
    
    PR:             254419
    Reviewed by:    gallatin, kp
    Tested by:      Igor A. Valkov <viaprog@gmail.com>
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D29378
    
    (cherry picked from commit b93a796b06ec013a75a08ac43d8acf6aa94aa970)
---
 sys/netpfil/pf/pf.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 2757bf9cdc54..46731cbf9ee1 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -5571,11 +5571,17 @@ pf_route(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp,
 	/* Copied from FreeBSD 10.0-CURRENT ip_output. */
 	m0->m_pkthdr.csum_flags |= CSUM_IP;
 	if (m0->m_pkthdr.csum_flags & CSUM_DELAY_DATA & ~ifp->if_hwassist) {
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		in_delayed_cksum(m0);
 		m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
 	}
 #if defined(SCTP) || defined(SCTP_SUPPORT)
 	if (m0->m_pkthdr.csum_flags & CSUM_SCTP & ~ifp->if_hwassist) {
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		sctp_delayed_cksum(m0, (uint32_t)(ip->ip_hl << 2));
 		m0->m_pkthdr.csum_flags &= ~CSUM_SCTP;
 	}
@@ -5752,6 +5758,9 @@ pf_route6(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp,
 	if (m0->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6 &
 	    ~ifp->if_hwassist) {
 		uint32_t plen = m0->m_pkthdr.len - sizeof(*ip6);
+		m0 = mb_unmapped_to_ext(m0);
+		if (m0 == NULL)
+			goto done;
 		in6_delayed_cksum(m0, plen, sizeof(struct ip6_hdr));
 		m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6;
 	}

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 15:03:49 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 19CC557C590;
 Sun, 28 Mar 2021 15:03:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7f9d0Dh0z4kCm;
 Sun, 28 Mar 2021 15:03:49 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EF1012211D;
 Sun, 28 Mar 2021 15:03:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SF3mMa024939;
 Sun, 28 Mar 2021 15:03:48 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SF3mTf024937;
 Sun, 28 Mar 2021 15:03:48 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 15:03:48 GMT
Message-Id: <202103281503.12SF3mTf024937@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: af6611e5adc6 - releng/13.0 - accept_filter: Fix filter parameter
 handling
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: af6611e5adc69d791fc1441a1078ffb6c2ea12f0
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 15:03:49 -0000

The branch releng/13.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=af6611e5adc69d791fc1441a1078ffb6c2ea12f0

commit af6611e5adc69d791fc1441a1078ffb6c2ea12f0
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-03-25 21:55:20 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-28 15:03:37 +0000

    accept_filter: Fix filter parameter handling
    
    For filters which implement accf_create, the setsockopt(2) handler
    caches the filter name in the socket, but it also incorrectly frees the
    buffer containing the copy, leaving a dangling pointer.  Note that no
    accept filters provided in the base system are susceptible to this, as
    they don't implement accf_create.
    
    Approved by:    re (gjb)
    Reported by:    Alexey Kulaev <alex.qart@gmail.com>
    Discussed with: emaste
    Security:       kernel use-after-free
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee)
    (cherry picked from commit c7d10e7ec872070a40bbddc3158b1997c1df09af)
---
 sys/kern/uipc_accf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/kern/uipc_accf.c b/sys/kern/uipc_accf.c
index debf4b2deeb1..3ca64dd21e25 100644
--- a/sys/kern/uipc_accf.c
+++ b/sys/kern/uipc_accf.c
@@ -299,6 +299,7 @@ accept_filt_setopt(struct socket *so, struct sockopt *sopt)
 	so->sol_accept_filter = afp;
 	so->sol_accept_filter_arg = accept_filter_arg;
 	so->sol_accept_filter_str = accept_filter_str;
+	accept_filter_str = NULL;
 	so->so_options |= SO_ACCEPTFILTER;
 out:
 	SOCK_UNLOCK(so);

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 17:50:38 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AE64D5A892D;
 Sun, 28 Mar 2021 17:50:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7jt6482Zz4tN9;
 Sun, 28 Mar 2021 17:50:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 81687242D4;
 Sun, 28 Mar 2021 17:50:38 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SHocBS059482;
 Sun, 28 Mar 2021 17:50:38 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SHoc5n059469;
 Sun, 28 Mar 2021 17:50:38 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 17:50:38 GMT
Message-Id: <202103281750.12SHoc5n059469@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: 1048c56784c0 - stable/13 - Makefile.inc1: unbreak bootstrap when
 kbdcontrol does not exist
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 1048c56784c0e1d044b6828b030f326e48eaba28
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 17:50:38 -0000

The branch stable/13 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=1048c56784c0e1d044b6828b030f326e48eaba28

commit 1048c56784c0e1d044b6828b030f326e48eaba28
Author:     Glen Barber <gjb@FreeBSD.org>
AuthorDate: 2021-03-24 00:47:14 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-28 17:49:34 +0000

    Makefile.inc1: unbreak bootstrap when kbdcontrol does not exist
    
    Submitted by:           Evgeniy Khramtsov
    Reviewed by:            arichardson
    Sponsored by:           Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 50179c5ec7d09d7b02497caf95dca5d33f93bcd9)
---
 Makefile.inc1 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile.inc1 b/Makefile.inc1
index f27cd2706359..288d16a7574e 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -2299,7 +2299,8 @@ _bootstrap_tools_links+=crunchgen
 # Note: kbdcontrol can not be bootstrapped on non-FreeBSD systems
 .if !defined(CROSSBUILD_HOST)
 .if (${BOOTSTRAPPING} < 1003501 || \
-	(${BOOTSTRAPPING} >= 1100000 && ${BOOTSTRAPPING} < 1100103))
+	(${BOOTSTRAPPING} >= 1100000 && ${BOOTSTRAPPING} < 1100103) || \
+	(!exists(/usr/sbin/kbdcontrol)))
 _kbdcontrol=	usr.sbin/kbdcontrol
 .else
 _bootstrap_tools_links+=kbdcontrol

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 18:27:39 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 586DE5A972D;
 Sun, 28 Mar 2021 18:27:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7khq1dPzz4vwJ;
 Sun, 28 Mar 2021 18:27:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2A92B24CA2;
 Sun, 28 Mar 2021 18:27:39 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SIRdIl006749;
 Sun, 28 Mar 2021 18:27:39 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SIRdPr006748;
 Sun, 28 Mar 2021 18:27:39 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 18:27:39 GMT
Message-Id: <202103281827.12SIRdPr006748@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Glen Barber <gjb@FreeBSD.org>
Subject: git: b56440b34356 - releng/13.0 - Makefile.inc1: unbreak bootstrap
 when kbdcontrol does not exist
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gjb
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: b56440b34356282a9b659366341d81e620e515e5
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 18:27:39 -0000

The branch releng/13.0 has been updated by gjb:

URL: https://cgit.FreeBSD.org/src/commit/?id=b56440b34356282a9b659366341d81e620e515e5

commit b56440b34356282a9b659366341d81e620e515e5
Author:     Glen Barber <gjb@FreeBSD.org>
AuthorDate: 2021-03-24 00:47:14 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-28 18:27:29 +0000

    Makefile.inc1: unbreak bootstrap when kbdcontrol does not exist
    
    Approved by:            re (cperciva)
    Submitted by:           Evgeniy Khramtsov
    Reviewed by:            arichardson
    Sponsored by:           Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 50179c5ec7d09d7b02497caf95dca5d33f93bcd9)
    (cherry picked from commit 1048c56784c0e1d044b6828b030f326e48eaba28)
---
 Makefile.inc1 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile.inc1 b/Makefile.inc1
index f27cd2706359..288d16a7574e 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -2299,7 +2299,8 @@ _bootstrap_tools_links+=crunchgen
 # Note: kbdcontrol can not be bootstrapped on non-FreeBSD systems
 .if !defined(CROSSBUILD_HOST)
 .if (${BOOTSTRAPPING} < 1003501 || \
-	(${BOOTSTRAPPING} >= 1100000 && ${BOOTSTRAPPING} < 1100103))
+	(${BOOTSTRAPPING} >= 1100000 && ${BOOTSTRAPPING} < 1100103) || \
+	(!exists(/usr/sbin/kbdcontrol)))
 _kbdcontrol=	usr.sbin/kbdcontrol
 .else
 _bootstrap_tools_links+=kbdcontrol

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 18:54:52 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8EC605AA621;
 Sun, 28 Mar 2021 18:54:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7lJD3hnRz3DW7;
 Sun, 28 Mar 2021 18:54:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7136625482;
 Sun, 28 Mar 2021 18:54:52 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SIsqwd048113;
 Sun, 28 Mar 2021 18:54:52 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SIsqZp048112;
 Sun, 28 Mar 2021 18:54:52 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 18:54:52 GMT
Message-Id: <202103281854.12SIsqZp048112@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Emmanuel Vadot <manu@FreeBSD.org>
Subject: git: d6616e3dbaee - releng/13.0 - release: amd64: Fix ISO/USB hybrid
 image
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: manu
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: d6616e3dbaeeb0cf336dda3eec1c5fa7faf8a5c5
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 18:54:52 -0000

The branch releng/13.0 has been updated by manu:

URL: https://cgit.FreeBSD.org/src/commit/?id=d6616e3dbaeeb0cf336dda3eec1c5fa7faf8a5c5

commit d6616e3dbaeeb0cf336dda3eec1c5fa7faf8a5c5
Author:     Emmanuel Vadot <manu@FreeBSD.org>
AuthorDate: 2021-03-27 11:04:51 +0000
Commit:     Emmanuel Vadot <manu@FreeBSD.org>
CommitDate: 2021-03-28 18:54:28 +0000

    release: amd64: Fix ISO/USB hybrid image
    
    Recent mkimg changes forces to have partitions given in explicit order.
    This is so we can have the first partition starting at a specific offset
    and the next ones starting after without having to specify an offset.
    Switch the partition in the mkisoimage.sh script so the first one created
    is the isoboot one.
    
    Approved by:    re(gjb)
    PR:    254490
    Reported by:    Michael Dexter <editor@callfortesting.org
    Tested by:      Vincent Milum Jr <freebsd@darkain.com>
    MFC after:      Right now
    
    (cherry picked from commit 90d2f7c413f9fc4ac479fa5e91ba1de6d4ea8d45)
    (cherry picked from commit 08639983e0384556a37d19814f55417f604964a1)
---
 release/amd64/mkisoimages.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release/amd64/mkisoimages.sh b/release/amd64/mkisoimages.sh
index 1a1440fa1983..a9e8a2c04392 100644
--- a/release/amd64/mkisoimages.sh
+++ b/release/amd64/mkisoimages.sh
@@ -89,8 +89,8 @@ if [ "$bootable" != "" ]; then
 	$MKIMG -s gpt \
 	    --capacity $imgsize \
 	    -b "$BASEBITSDIR/boot/pmbr" \
-	    $espparam \
 	    -p freebsd-boot:="$BASEBITSDIR/boot/isoboot" \
+	    $espparam \
 	    -o hybrid.img
 
 	# Drop the PMBR, GPT, and boot code into the System Area of the ISO.

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:42:14 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B0CAB5AE184;
 Sun, 28 Mar 2021 20:42:14 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nh64fv1z3MGy;
 Sun, 28 Mar 2021 20:42:14 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 92F5126B69;
 Sun, 28 Mar 2021 20:42:14 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKgEHb002437;
 Sun, 28 Mar 2021 20:42:14 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKgEOr002436;
 Sun, 28 Mar 2021 20:42:14 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:42:14 GMT
Message-Id: <202103282042.12SKgEOr002436@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 823a80f4f903 - stable/13 - Zero `struct weightened_nhop` fields
 in nhgrp_get_addition_group().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 823a80f4f9037b6b9611aaceb21f53115d1e64f1
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:42:14 -0000

The branch stable/13 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=823a80f4f9037b6b9611aaceb21f53115d1e64f1

commit 823a80f4f9037b6b9611aaceb21f53115d1e64f1
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-20 08:26:03 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:41:56 +0000

    Zero `struct weightened_nhop` fields in nhgrp_get_addition_group().
    
    `struct weightened_nhop` has spare 32bit between the fields due to
     the alignment (on amd64).
    Not zeroing these spare bits results in duplicating nhop groups
     in the kernel due to the way how comparison works.
    
    (cherry picked from commit 6f43c72b472ee78e04f1ebd347ca0ae7787ee876)
---
 sys/net/route/nhgrp_ctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/net/route/nhgrp_ctl.c b/sys/net/route/nhgrp_ctl.c
index b329b907144f..b228c3bcee37 100644
--- a/sys/net/route/nhgrp_ctl.c
+++ b/sys/net/route/nhgrp_ctl.c
@@ -646,7 +646,7 @@ nhgrp_get_addition_group(struct rib_head *rh, struct route_nhop_data *rnd_orig,
 {
 	struct nh_control *ctl = rh->nh_control;
 	struct nhgrp_priv *nhg_priv;
-	struct weightened_nhop wn[2];
+	struct weightened_nhop wn[2] = {};
 	int error;
 
 	if (rnd_orig->rnd_nhop == NULL) {

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:50:23 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 42F5E5AE23A;
 Sun, 28 Mar 2021 20:50:23 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nsW0WqFz3MJh;
 Sun, 28 Mar 2021 20:50:23 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0390626A60;
 Sun, 28 Mar 2021 20:50:23 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKoMIq011953;
 Sun, 28 Mar 2021 20:50:22 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKoMWH011952;
 Sun, 28 Mar 2021 20:50:22 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:50:22 GMT
Message-Id: <202103282050.12SKoMWH011952@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 367fcd5bce34 - releng/13.0 - Fix blackhole/reject routes.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 367fcd5bce34bcd9aff540443a0d2e7fa5dbe90a
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:50:23 -0000

The branch releng/13.0 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=367fcd5bce34bcd9aff540443a0d2e7fa5dbe90a

commit 367fcd5bce34bcd9aff540443a0d2e7fa5dbe90a
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-02-08 23:29:05 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:40:48 +0000

    Fix blackhole/reject routes.
    
    Traditionally *BSD routing stack required to supply some
     interface data for blackhole/reject routes. This lead to
     varieties of hacks in routing daemons when inserting such routes.
    With the recent routeing stack changes, gateway sockaddr without
     RTF_GATEWAY started to be treated differently, purely as link
     identifier.
    
    This change broke net/bird, which installs blackhole routes with
     127.0.0.1 gateway without RTF_GATEWAY flags.
    
    Fix this by automatically constructing necessary gateway data at
     rtsock level if RTF_REJECT/RTF_BLACKHOLE is set.
    
    Reported by:    Marek Zarychta <zarychtam at plan-b.pwste.edu.pl>
    Reviewed by:    donner
    Approved by:    re (gjb)
    
    (cherry picked from commit 3489286a5f368e7fcf11a9691f9bb5df77abe9a3)
---
 sys/net/rtsock.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 60 insertions(+), 2 deletions(-)

diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
index d9294441b2bc..f13c3189ba26 100644
--- a/sys/net/rtsock.c
+++ b/sys/net/rtsock.c
@@ -564,6 +564,54 @@ rtm_get_jailed(struct rt_addrinfo *info, struct ifnet *ifp,
 	return (0);
 }
 
+static int
+fill_blackholeinfo(struct rt_addrinfo *info, union sockaddr_union *saun)
+{
+	struct ifaddr *ifa;
+	sa_family_t saf;
+
+	if (V_loif == NULL) {
+		printf("Unable to add blackhole/reject nhop without loopback");
+		return (ENOTSUP);
+	}
+	info->rti_ifp = V_loif;
+
+	saf = info->rti_info[RTAX_DST]->sa_family;
+
+	CK_STAILQ_FOREACH(ifa, &info->rti_ifp->if_addrhead, ifa_link) {
+		if (ifa->ifa_addr->sa_family == saf) {
+			info->rti_ifa = ifa;
+			break;
+		}
+	}
+	if (info->rti_ifa == NULL)
+		return (ENOTSUP);
+
+	bzero(saun, sizeof(union sockaddr_union));
+	switch (saf) {
+#ifdef INET
+	case AF_INET:
+		saun->sin.sin_family = AF_INET;
+		saun->sin.sin_len = sizeof(struct sockaddr_in);
+		saun->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+		break;
+#endif
+#ifdef INET6
+	case AF_INET6:
+		saun->sin6.sin6_family = AF_INET6;
+		saun->sin6.sin6_len = sizeof(struct sockaddr_in6);
+		saun->sin6.sin6_addr = in6addr_loopback;
+		break;
+#endif
+	default:
+		return (ENOTSUP);
+	}
+	info->rti_info[RTAX_GATEWAY] = &saun->sa;
+	info->rti_flags |= RTF_GATEWAY;
+
+	return (0);
+}
+
 /*
  * Fills in @info based on userland-provided @rtm message.
  *
@@ -951,7 +999,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
 #endif
 	int alloc_len = 0, len, error = 0, fibnum;
 	sa_family_t saf = AF_UNSPEC;
-	struct walkarg w;
 	struct rib_cmd_info rc;
 	struct nhop_object *nh;
 
@@ -979,7 +1026,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
 
 	m_copydata(m, 0, len, (caddr_t)rtm);
 	bzero(&info, sizeof(info));
-	bzero(&w, sizeof(w));
 	nh = NULL;
 
 	if (rtm->rtm_version != RTM_VERSION) {
@@ -1011,6 +1057,18 @@ route_output(struct mbuf *m, struct socket *so, ...)
 		goto flush;
 	}
 
+	union sockaddr_union gw_saun;
+	int blackhole_flags = rtm->rtm_flags & (RTF_BLACKHOLE|RTF_REJECT);
+	if (blackhole_flags != 0) {
+		if (blackhole_flags != (RTF_BLACKHOLE | RTF_REJECT))
+			error = fill_blackholeinfo(&info, &gw_saun);
+		else
+			error = EINVAL;
+		if (error != 0)
+			senderr(error);
+		/* TODO: rebuild rtm from scratch */
+	}
+
 	switch (rtm->rtm_type) {
 	case RTM_ADD:
 	case RTM_CHANGE:

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:50:24 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4A67D5AE240;
 Sun, 28 Mar 2021 20:50:24 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nsX1XZqz3MQd;
 Sun, 28 Mar 2021 20:50:24 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2614426A61;
 Sun, 28 Mar 2021 20:50:24 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKoOZr011971;
 Sun, 28 Mar 2021 20:50:24 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKoOxr011970;
 Sun, 28 Mar 2021 20:50:24 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:50:24 GMT
Message-Id: <202103282050.12SKoOxr011970@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 6f4f8a441aaa - releng/13.0 - Flush remaining routes from the
 routing table during VNET shutdown.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 6f4f8a441aaab2e23a8e70ed0689daa05cec3ef4
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:50:24 -0000

The branch releng/13.0 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=6f4f8a441aaab2e23a8e70ed0689daa05cec3ef4

commit 6f4f8a441aaab2e23a8e70ed0689daa05cec3ef4
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-08 21:35:41 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:40:48 +0000

    Flush remaining routes from the routing table during VNET shutdown.
    
    Summary:
    This fixes rtentry leak for the cloned interfaces created inside the
     VNET.
    
    Loopback teardown order is `SI_SUB_INIT_IF`, which happens after `SI_SUB_PROTO_DOMAIN` (route table teardown).
    Thus, any route table operations are too late to schedule.
    As the intent of the vnet teardown procedures to minimise the amount of effort by doing global cleanups instead of per-interface ones, address this by adding a relatively light-weight routing table cleanup function, `rib_flush_routes()`.
    It removes all remaining routes from the routing table and schedules the deletion, which will happen later, when `rtables_destroy()` waits for the current epoch to finish.
    
    Test Plan:
    ```
    set_skip:set_skip_group_lo  ->  passed  [0.053s]
    tail -n 200 /var/log/messages | grep rtentry
    ```
    
    PR:             253998
    Reported by:    rashey at superbox.pl
    Reviewed By:    kp
    Approved by:    re (gjb)
    Differential Revision: https://reviews.freebsd.org/D29116
    
    (cherry picked from commit 8aafa7a0276302a0dcc3d0bd78b4d3842dfd1640)
---
 sys/net/route.c           | 15 ---------------
 sys/net/route.h           |  2 +-
 sys/net/route/route_ctl.c | 36 ++++++++++++++++++++++++++++++++++++
 sys/netinet/ip_input.c    |  6 +-----
 sys/netinet6/ip6_input.c  |  5 +++--
 5 files changed, 41 insertions(+), 23 deletions(-)

diff --git a/sys/net/route.c b/sys/net/route.c
index a68e46c37861..f07cb3f6581a 100644
--- a/sys/net/route.c
+++ b/sys/net/route.c
@@ -495,21 +495,6 @@ rt_ifdelroute(const struct rtentry *rt, const struct nhop_object *nh, void *arg)
 	return (1);
 }
 
-/*
- * Delete all remaining routes using this interface
- * Unfortuneatly the only way to do this is to slog through
- * the entire routing table looking for routes which point
- * to this interface...oh well...
- */
-void
-rt_flushifroutes_af(struct ifnet *ifp, int af)
-{
-	KASSERT((af >= 1 && af <= AF_MAX), ("%s: af %d not >= 1 and <= %d",
-	    __func__, af, AF_MAX));
-
-	rib_foreach_table_walk_del(af, rt_ifdelroute, ifp);
-}
-
 void
 rt_flushifroutes(struct ifnet *ifp)
 {
diff --git a/sys/net/route.h b/sys/net/route.h
index f9928ab6a776..55b075e51c01 100644
--- a/sys/net/route.h
+++ b/sys/net/route.h
@@ -429,7 +429,6 @@ struct sockaddr *rtsock_fix_netmask(const struct sockaddr *dst,
 
 void	rt_updatemtu(struct ifnet *);
 
-void	rt_flushifroutes_af(struct ifnet *, int);
 void	rt_flushifroutes(struct ifnet *ifp);
 
 /* XXX MRT NEW VERSIONS THAT USE FIBs
@@ -442,6 +441,7 @@ int	rib_lookup_info(uint32_t, const struct sockaddr *, uint32_t, uint32_t,
 void	rib_free_info(struct rt_addrinfo *info);
 
 /* New API */
+void rib_flush_routes_family(int family);
 struct nhop_object *rib_lookup(uint32_t fibnum, const struct sockaddr *dst,
 	    uint32_t flags, uint32_t flowid);
 #endif
diff --git a/sys/net/route/route_ctl.c b/sys/net/route/route_ctl.c
index 9aedfb9d5855..46e0bcfee6b7 100644
--- a/sys/net/route/route_ctl.c
+++ b/sys/net/route/route_ctl.c
@@ -1341,6 +1341,42 @@ rib_walk_del(u_int fibnum, int family, rib_filter_f_t *filter_f, void *arg, bool
 	NET_EPOCH_EXIT(et);
 }
 
+static int
+rt_delete_unconditional(struct radix_node *rn, void *arg)
+{
+	struct rtentry *rt = RNTORT(rn);
+	struct rib_head *rnh = (struct rib_head *)arg;
+
+	rn = rnh->rnh_deladdr(rt_key(rt), rt_mask(rt), &rnh->head);
+	if (RNTORT(rn) == rt)
+		rtfree(rt);
+
+	return (0);
+}
+
+/*
+ * Removes all routes from the routing table without executing notifications.
+ * rtentres will be removed after the end of a current epoch.
+ */
+static void
+rib_flush_routes(struct rib_head *rnh)
+{
+	RIB_WLOCK(rnh);
+	rnh->rnh_walktree(&rnh->head, rt_delete_unconditional, rnh);
+	RIB_WUNLOCK(rnh);
+}
+
+void
+rib_flush_routes_family(int family)
+{
+	struct rib_head *rnh;
+
+	for (uint32_t fibnum = 0; fibnum < rt_numfibs; fibnum++) {
+		if ((rnh = rt_tables_get_rnh(fibnum, family)) != NULL)
+			rib_flush_routes(rnh);
+	}
+}
+
 static void
 rib_notify(struct rib_head *rnh, enum rib_subscription_type type,
     struct rib_cmd_info *rc)
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index be21decff6cb..a85f8ac7b567 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -379,7 +379,6 @@ ip_init(void)
 static void
 ip_destroy(void *unused __unused)
 {
-	struct ifnet *ifp;
 	int error;
 
 #ifdef	RSS
@@ -405,10 +404,7 @@ ip_destroy(void *unused __unused)
 	in_ifscrub_all();
 
 	/* Make sure the IPv4 routes are gone as well. */
-	IFNET_RLOCK();
-	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link)
-		rt_flushifroutes_af(ifp, AF_INET);
-	IFNET_RUNLOCK();
+	rib_flush_routes_family(AF_INET);
 
 	/* Destroy IP reassembly queue. */
 	ipreass_destroy();
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c
index 8f500cb87bfe..af2d262e4ff3 100644
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c
@@ -386,11 +386,12 @@ ip6_destroy(void *unused __unused)
 		/* IF_ADDR_UNLOCK(ifp); */
 		in6_ifdetach_destroy(ifp);
 		mld_domifdetach(ifp);
-		/* Make sure any routes are gone as well. */
-		rt_flushifroutes_af(ifp, AF_INET6);
 	}
 	IFNET_RUNLOCK();
 
+	/* Make sure any routes are gone as well. */
+	rib_flush_routes_family(AF_INET6);
+
 	frag6_destroy();
 	nd6_destroy();
 	in6_ifattach_destroy();

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:50:26 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 12E6F5AE306;
 Sun, 28 Mar 2021 20:50:26 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nsY3pDcz3MT1;
 Sun, 28 Mar 2021 20:50:25 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4CB5026A62;
 Sun, 28 Mar 2021 20:50:25 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKoPmr011994;
 Sun, 28 Mar 2021 20:50:25 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKoPSU011993;
 Sun, 28 Mar 2021 20:50:25 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:50:25 GMT
Message-Id: <202103282050.12SKoPSU011993@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 589d5d28a811 - releng/13.0 - Fix kassert panic when inserting
 multipath routes from multiple threads.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 589d5d28a8119dac166346f890fa450e1b7b489c
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:50:26 -0000

The branch releng/13.0 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=589d5d28a8119dac166346f890fa450e1b7b489c

commit 589d5d28a8119dac166346f890fa450e1b7b489c
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-21 18:15:29 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:40:48 +0000

    Fix kassert panic when inserting multipath routes from multiple threads.
    
    Reported by:    Marco Zec <zec at fer.hr>
    Approved by:    re (gjb)
    
    (cherry picked from commit 42f997d9b721ce5b64c37958f21fa81630f5a224)
---
 sys/net/route/nhgrp_ctl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/net/route/nhgrp_ctl.c b/sys/net/route/nhgrp_ctl.c
index c2119506370f..b329b907144f 100644
--- a/sys/net/route/nhgrp_ctl.c
+++ b/sys/net/route/nhgrp_ctl.c
@@ -488,7 +488,9 @@ get_nhgrp(struct nh_control *ctl, struct weightened_nhop *wn, int num_nhops,
 		if (link_nhgrp(ctl, key) == 0) {
 			/* Unable to allocate index? */
 			*perror = EAGAIN;
-			destroy_nhgrp(key);
+			free_nhgrp_nhops(key);
+			destroy_nhgrp_int(key);
+			return (NULL);
 		}
 		*perror = 0;
 		return (key);

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:50:27 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 34EFB5AE308;
 Sun, 28 Mar 2021 20:50:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nsZ5NtKz3M7B;
 Sun, 28 Mar 2021 20:50:26 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 79DD0269C2;
 Sun, 28 Mar 2021 20:50:26 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKoQMS012016;
 Sun, 28 Mar 2021 20:50:26 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKoQE5012015;
 Sun, 28 Mar 2021 20:50:26 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:50:26 GMT
Message-Id: <202103282050.12SKoQE5012015@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 3765afa4dacf - releng/13.0 - Fix panic when destroying interface
 with ECMP routes.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 3765afa4dacf5850de984fede7f9b26760efac73
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:50:28 -0000

The branch releng/13.0 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=3765afa4dacf5850de984fede7f9b26760efac73

commit 3765afa4dacf5850de984fede7f9b26760efac73
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-23 22:00:04 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:40:48 +0000

    Fix panic when destroying interface with ECMP routes.
    
    Reported by:    Zhenlei Huang <zlei.huang at gmail.com>
    PR:             254496
    Approved by:    re (gjb)
    
    (cherry picked from commit af85312e8a6f34ea7c8af77b9841fab6b5559e25)
---
 sys/net/route/route_ctl.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/sys/net/route/route_ctl.c b/sys/net/route/route_ctl.c
index 46e0bcfee6b7..58b89c28f945 100644
--- a/sys/net/route/route_ctl.c
+++ b/sys/net/route/route_ctl.c
@@ -130,16 +130,25 @@ vnet_rtzone_destroy()
 static void
 destroy_rtentry(struct rtentry *rt)
 {
+	struct nhop_object *nh = rt->rt_nhop;
 
 	/*
 	 * At this moment rnh, nh_control may be already freed.
 	 * nhop interface may have been migrated to a different vnet.
 	 * Use vnet stored in the nexthop to delete the entry.
 	 */
-	CURVNET_SET(nhop_get_vnet(rt->rt_nhop));
+#ifdef ROUTE_MPATH
+	if (NH_IS_NHGRP(nh)) {
+		struct weightened_nhop *wn;
+		uint32_t num_nhops;
+		wn = nhgrp_get_nhops((struct nhgrp_object *)nh, &num_nhops);
+		nh = wn[0].nh;
+	}
+#endif
+	CURVNET_SET(nhop_get_vnet(nh));
 
 	/* Unreference nexthop */
-	nhop_free_any(rt->rt_nhop);
+	nhop_free_any(nh);
 
 	uma_zfree(V_rtzone, rt);
 

From owner-dev-commits-src-branches@freebsd.org  Sun Mar 28 20:50:29 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 144925AE1B8;
 Sun, 28 Mar 2021 20:50:29 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F7nsc0kyWz3M9C;
 Sun, 28 Mar 2021 20:50:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8E1D7269C3;
 Sun, 28 Mar 2021 20:50:27 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12SKoRZK012034;
 Sun, 28 Mar 2021 20:50:27 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12SKoR9P012033;
 Sun, 28 Mar 2021 20:50:27 GMT (envelope-from git)
Date: Sun, 28 Mar 2021 20:50:27 GMT
Message-Id: <202103282050.12SKoR9P012033@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 411cbdb1f298 - releng/13.0 - Plug nexthop group refcount leak.
 In case with batch route delete via rib_walk_del(),
 when  some paths from the multipath route gets deleted,
 old  multipath group were not freed.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: 411cbdb1f298880a0100a633cd0508b70ac4c924
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 20:50:29 -0000

The branch releng/13.0 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=411cbdb1f298880a0100a633cd0508b70ac4c924

commit 411cbdb1f298880a0100a633cd0508b70ac4c924
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-03-24 23:51:45 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-28 20:40:48 +0000

    Plug nexthop group refcount leak.
    In case with batch route delete via rib_walk_del(), when
     some paths from the multipath route gets deleted, old
     multipath group were not freed.
    
    PR:    254496
    Reported by:   Zhenlei Huang <zlei.huang@gmail.com>
    Approved by:    re (gjb)
    
    (cherry picked from commit 47c00a9835926e96e562c67fa28e4432e99d9c56)
---
 sys/net/route/route_ctl.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/sys/net/route/route_ctl.c b/sys/net/route/route_ctl.c
index 58b89c28f945..af3853041ac6 100644
--- a/sys/net/route/route_ctl.c
+++ b/sys/net/route/route_ctl.c
@@ -130,6 +130,7 @@ vnet_rtzone_destroy()
 static void
 destroy_rtentry(struct rtentry *rt)
 {
+#ifdef VIMAGE
 	struct nhop_object *nh = rt->rt_nhop;
 
 	/*
@@ -146,9 +147,10 @@ destroy_rtentry(struct rtentry *rt)
 	}
 #endif
 	CURVNET_SET(nhop_get_vnet(nh));
+#endif
 
 	/* Unreference nexthop */
-	nhop_free_any(nh);
+	nhop_free_any(rt->rt_nhop);
 
 	uma_zfree(V_rtzone, rt);
 
@@ -1252,7 +1254,6 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	struct rt_delinfo *di;
 	struct rt_addrinfo *info;
 	struct rtentry *rt;
-	int error;
 
 	di = (struct rt_delinfo *)arg;
 	rt = (struct rtentry *)rn;
@@ -1261,7 +1262,8 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	info->rti_info[RTAX_DST] = rt_key(rt);
 	info->rti_info[RTAX_NETMASK] = rt_mask(rt);
 
-	error = rt_unlinkrte(di->rnh, info, &di->rc);
+	if (rt_unlinkrte(di->rnh, info, &di->rc) != 0)
+		return (0);
 
 	/*
 	 * Add deleted rtentries to the list to GC them
@@ -1270,10 +1272,18 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 	 * XXX: Delayed notifications not implemented
 	 *  for nexthop updates.
 	 */
-	if ((error == 0) && (di->rc.rc_cmd == RTM_DELETE)) {
+	if (di->rc.rc_cmd == RTM_DELETE) {
 		/* Add to the list and return */
 		rt->rt_chain = di->head;
 		di->head = rt;
+#ifdef ROUTE_MPATH
+	} else {
+		/*
+		 * RTM_CHANGE to a diferent nexthop or nexthop group.
+		 * Free old multipath group.
+		 */
+		nhop_free_any(di->rc.rc_nh_old);
+#endif
 	}
 
 	return (0);