Build date: 1732489203 - Sun Nov 24 23:00:03 UTC 2024
Build cvs date: 1732488414 - Sun Nov 24 22:46:54 UTC 2024
Build id: 2024-11-25.1
Build tags: amd64-regress ports sysupgrade

Applied the following diff(s):
/home/anton/tmp/robsd/src-ptrace-xstate.diff
/home/anton/tmp/robsd/src-sys-em.diff
/home/anton/tmp/robsd/src-sys-newvers.diff
/home/anton/tmp/robsd/src-sys-uhidev-sispm.diff
/home/anton/tmp/robsd/src-sysupgrade.diff

? regress/sys/kern/ptrace/xstate
P lib/libcrypto/ec/ec_curve.c
P lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
P regress/lib/libcrypto/ec/ec_asn1_test.c
P regress/lib/libcrypto/ecdh/ecc_cdh.c
P regress/lib/libcrypto/ecdh/ecdhtest.c
P regress/lib/libcrypto/wycheproof/wycheproof.go
P sbin/unwind/frontend.c
P sbin/unwind/unwind.conf.5
P sys/dev/fdt/rkclock.c
P sys/dev/fdt/rkusbphy.c
P sys/kern/kern_sched.c
P sys/kern/kern_sig.c
P sys/kern/sched_bsd.c
P usr.sbin/fw_update/fw_update.sh
P usr.sbin/vmd/priv.c

commit bT30XTXzoWhzhk4P
Author: kettenis
Date: 2024/11/24 22:46:54

  Add RK3399 support.

  From Paul Fertser.
  ok dlg@

  sys/dev/fdt/rkusbphy.c

commit h1prUe6jWLamNbAn
Author: kettenis
Date: 2024/11/24 22:19:59

  Fix RK3399 USB clock gates.
  From Paul Fertser.

  ok dlg@

  sys/dev/fdt/rkclock.c

commit bnG1ZoCNeZ4NMCX7
Author: afresh1
Date: 2024/11/24 21:27:04

  Make fw_update -d behave like the manual says

  The manual says without -a or any drivers specified, fw_update -d
  will delete all firmware not required by a driver, and now it does.

  While here, slightly improve function name.

  usr.sbin/fw_update/fw_update.sh

commit S5JkWJvVo3sth1cC
Author: schwarze
Date: 2024/11/24 14:48:12

  Fix some inaccuracies and gaps in the paragraph i wrote about CMAC
  such that it becomes intelligible but not too long or prominent.
  In particular, don't talk about EVP_PKEY_CTX_new(3), don't forget to
  mention EVP_PKEY_keygen(3), mention EVP_PKEY_OP_KEYGEN, and mention
  how to proceed once you have the desired EVP_PKEY object in hand.

  Substantial feedback and OK tb@.

  lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3

commit eWx3UBk7JnveCjzv
Author: claudio
Date: 2024/11/24 13:05:14

  Add KASSERT on P_WSLEEP in setrunqueue() and sched_chooseproc().

  P_WSLEEP indicates that the thread is still on a CPU executing and
  has not yet mi_switched away to sleep. So it is a bug to make such
  a thread runnable or even worse try to switch to it.
  OK mpi@

  sys/kern/kern_sched.c

commit dOA8VdWaxLyWlP5e
Author: claudio
Date: 2024/11/24 13:02:37

  In setrunnable() also check for P_WSLEEP in the SSTOP case.
  If a thread is quickly stopped and continued then it is possible that
  all of this happens between sleep_setup and sleep_finish and so this
  code needs to check for P_WSLEEP so that a still running thread is
  put onto the runqueue.
  OK mpi@

  sys/kern/sched_bsd.c

commit DlXmq3SgN2yMermG
Author: claudio
Date: 2024/11/24 12:58:06

  Do not clear P_WSLEEP in ptsigna's SIGCONT handling. cursig() no longer
  stops threads while called during the sleep transition and so there is
  no need to clear P_WSLEEP.
  OK mpi@

  sys/kern/kern_sig.c

commit zyjThJx9Xlp1qa1W
Author: kirill
Date: 2024/11/24 11:33:34

  unwind: support wildcard in blacklist

  Any domain in the blacklist that starts with '.', which is not a legal
  name due to an empty label, is treated as any subdomain on that zone.

  This means that .example.com blocks all requests to any subdomain of
  example.com, but allows example.com.

  No objections: florian@ OK: kn@

  sbin/unwind/frontend.c
  sbin/unwind/unwind.conf.5

commit wHfbJYs6awa14KHm
Author: kn
Date: 2024/11/24 10:44:59

  simpler ifaliasreq sockaddr filling

  Rather than setting the destination struct member's size in an
  AF-specific way only to read from and then overwrite it with
  memcpy, use the destination size directly.

  OK mlarkin

  usr.sbin/vmd/priv.c

commit Q28KgIFGlupyJZpZ
Author: tb
Date: 2024/11/24 10:13:16

  Disable regression tests for small builtin curves

  regress/lib/libcrypto/ec/ec_asn1_test.c
  regress/lib/libcrypto/ecdh/ecc_cdh.c
  regress/lib/libcrypto/ecdh/ecdhtest.c
  regress/lib/libcrypto/wycheproof/wycheproof.go

commit HQOXtZafLbiIPiyc
Author: tb
Date: 2024/11/24 10:12:05

  Disable small builtin curves

  This disables all the curves over fields < 224 bits and a few others.
  Specifically:

  SECG: 112r1 112r2 128r1 128r2 160k1 160r1 160r2 192k1 192r1 192v{1,2,3}
  WTLS: 6 7 8 9 12
  Brainpool: P160r1 P160t1 P192r1 P192t1

  These are below or at the limit of what is acceptable nowadays. This is
  less aggressive than what some enterprise linux distributions are using
  in their patched OpenSSL versions where everything over fields < 256 bits
  is disabled with the exception of P-224, so interoperability should not
  be a problem.

  The curves are left in the tree for now and can be re-enabled by compiling
  libcrypto with -DENABLE_SMALL_CURVES. They will be fully removed later.

  One nice benefit of doing this is that the incorrect parameters for WTLS 7
  are fixed (obviously nobody uses this one) and now all the builtin curves
  have a unique corresponding OID (nid).

  Something like this was suggested a while back by beck, makes sense to sthen

  ok jsing

  lib/libcrypto/ec/ec_curve.c