Build date: 1777932003 - Mon May 4 22:00:03 UTC 2026 Build cvs date: 1777927476 - Mon May 4 20:44:36 UTC 2026 Build id: 2026-05-05.1 Build tags: amd64-regress ports sysupgrade Applied the following diff(s): /home/anton/tmp/robsd/src-sys-em.diff /home/anton/tmp/robsd/src-sys-uhidev-sispm.diff /home/anton/tmp/robsd/src-sysupgrade.diff P lib/libcrypto/mlkem/mlkem_internal.c P lib/libcrypto/x509/x509_verify.c P regress/lib/libcrypto/certs/README P regress/lib/libcrypto/wycheproof/wycheproof.go P regress/lib/libcrypto/x509/callback.c P regress/lib/libcrypto/x509/verify.c P regress/usr.bin/ssh/kbdint.sh P share/man/man4/Makefile U share/man/man4/rkotp.4 P sys/arch/arm64/arm64/locore.S P sys/arch/arm64/conf/GENERIC P sys/arch/arm64/dev/agtimer.c P sys/arch/arm64/include/armreg.h P sys/dev/fdt/files.fdt P sys/dev/fdt/rkclock.c P sys/dev/fdt/rkclock_clocks.h P sys/dev/fdt/rkcomphy.c U sys/dev/fdt/rkotp.c P sys/dev/fdt/rkpmic.c P sys/dev/fdt/rktemp.c P sys/dev/fdt/rkvop.c P sys/dev/pci/drm/drm_bridge.c P sys/dev/pci/drm/include/drm/drm_bridge.h M sys/dev/usb/uhidev.c P sys/nfs/nfs_serv.c P usr.bin/awk/awk.1 M usr.sbin/bgpd/session.c P usr.sbin/rpki-client/ccr.c P usr.sbin/rpki-client/print.c commit 5NAaEDYicu1DxNly Author: tb Date: 2026/05/04 20:44:36 mlkem: also zero the failure_key from logan https://github.com/libressl/openbsd/pull/154 lib/libcrypto/mlkem/mlkem_internal.c commit pCu6f5WYH3zHsStl Author: kettenis Date: 2026/05/04 20:43:42 Pick the correct interrupt for the virtual timer if we're running in EL2. Based on a diff from Marc Zyngier. ok jsg@ sys/arch/arm64/dev/agtimer.c sys/arch/arm64/include/armreg.h commit AzMCzSiPR2r9zPPF Author: kettenis Date: 2026/05/04 20:21:02 Handle HCR_EL2.E2H RES1 behaviour An implementation is allowed to make HCR_EL2.E2H RES1, which means that the CPU behaves as if this bit was 1, even if it reads as 0 or can be written with 0. While the architecture advertises this via ID_AA64MMFR4_EL1.E2H0, hypervisors cannot always expose this to a guest if the hardware doesn't implemtn FEAT_FGT. Instead, detect the effects of HCR_EL2.E2H being RES1 by checking for the aliasing property between accessors targetting the same register (FAR_ELx in this case). This gives a reliable litmus test for CPUs that are stuck in VHE mode. From Marc Zyngier sys/arch/arm64/arm64/locore.S commit HhuCtDUdpXOIZFVX Author: kettenis Date: 2026/05/04 20:18:42 When running in VHE host mode, HCR_EL2.TGE must be set, as otherwise a bunch of problems occur: - EL0 is guest EL0, not host, and the kernel will catch fire on the first ERET to EL0 - EL1 TLB invalidations target the guest, and not the host Make sure that HCR_EL2.TGE is set, instead of relying on firmware to have set it (when booting with UEFI, only the first CPU is correctly configured). From Marc Zyngier sys/arch/arm64/arm64/locore.S commit cYb2quNDpwzR5kZ9 Author: kettenis Date: 2026/05/04 19:44:29 rkotp(4) share/man/man4/Makefile share/man/man4/rkotp.4 commit jV5Rdg24WAax42Vx Author: tb Date: 2026/05/04 19:15:45 wycheproof.go: simplfiy for loop regress/lib/libcrypto/wycheproof/wycheproof.go commit CElKduz8pOtwsax1 Author: tb Date: 2026/05/04 19:11:01 wycheproof: go fmt regress/lib/libcrypto/wycheproof/wycheproof.go commit JVkzHSXnRtcOm5tA Author: job Date: 2026/05/04 17:39:35 Explicitly check mostRecentUpdate on otherwise empty ManifestState OK tb@ usr.sbin/rpki-client/ccr.c commit cSzdcZKpIEVOLeOU Author: job Date: 2026/05/04 17:34:57 When printing a CCR's ManifestState, sort the entries by AKI Sorting this particular listing by AKI (instead of by hash of the Manifest object) makes diffs between CCRs much more readable. With & OK tb@ usr.sbin/rpki-client/print.c commit cpeFK7XaA5ll5u3G Author: millert Date: 2026/05/04 17:05:59 Add checks for invalid dir count and max size for readdir/readdirplus. A zero count or max size value is now rejected early instead of relying on VOP_GETATTR to return an error. Also verify that the max size after rounding up to a multiple of DIRBLKSIZ is positive. A negative value would turn into a large allocation, causing the malloc() to fail. From an LLM bug report. With help from miod@ and kirill@. sys/nfs/nfs_serv.c commit FtgG4YXikd29hlMi Author: kettenis Date: 2026/05/04 16:08:57 Unstub select_bus_fmt_recursive(). This fixes output on the HDMI port on my firefly-rk3399. ok jsg@ sys/dev/pci/drm/drm_bridge.c sys/dev/pci/drm/include/drm/drm_bridge.h commit EwOumB6l0FgDj9af Author: tb Date: 2026/05/04 14:00:34 certs/README: fix previous: 14b should fail to verify regress/lib/libcrypto/certs/README commit LBjUBUIGfwAykcO7 Author: tb Date: 2026/05/04 13:55:20 verifier: re-enable the callback override for depth kirill reported that his nginx reverse proxy setup stopped working with x509_verify.c r1.74 and r1.75. It turns out that nginx relies on a verify callback that always returns 1. In revision 1.74 we removed the possibility of the verify_cb() to override X509_V_ERR_CERT_CHAIN_TOO_LONG, which is what breaks the config in kirill's setup since it used to use the nginx default of setting the depth to 1. Re-enable this to make the new scenario "2a with depth 1 and depth callback" pass. As shown by the other new test scenario "14b with yolo calback" with a "just say yes" cb, the guard added in r1.74 still prevents the overwrite. This makes kirill's reproducer work as verified by kirill and myself. It was also tested by kirill in the real life setup. discussed with beck ok jsing kenjiro lib/libcrypto/x509/x509_verify.c commit vc1AErqrTzOYGRZT Author: tb Date: 2026/05/04 13:52:39 libcrypto: extend verify and callback regress Add three more test variants for scenario 2a: 1) verify that a chain of length 3 validates with depth 2. 2) verify that a chain of length 3 fails to validate with depth 1. 3) verify that a chain of length 3 validates with depth 1 if we allow the callback to override the depth. Variant 3) fails in -current and reproduces a scenario reported by kirill. Also add two test variants for the scenarios in 14: 4): run the chain of length 32 with a yolo callback returning 1 5): run the chain of length 33 with a yolo callback returning 1 Test 5) fails because we currently bail out at the wrong depth. The verify callback should allow overriding the failure and will then hit the bounds check added in x509_verify.c r1.74 to avoid an overwrite. Reuse the existing test cases 2a and 14a/14b for this and add an optional vct->desc that uniquely identifies the test case. incorporates various feedback from jsing regress/lib/libcrypto/x509/callback.c regress/lib/libcrypto/x509/verify.c commit rjQehI9A2kRDACi5 Author: tb Date: 2026/05/04 13:49:07 verify regress: allow setting verify depth and callback This is pretty ugly and probably the the vct should be handed down to the verify_cert*() functions, but this works and doesn't make these tests any uglier than they already are. The callback regress was modified with a least effort approach. regress/lib/libcrypto/x509/callback.c regress/lib/libcrypto/x509/verify.c commit X5ru97dfSOMRQSH8 Author: kettenis Date: 2026/05/04 12:52:57 Also support DRM_FORMAT_XRGB8888; this gets rid of some warnings. ok jsg@ sys/dev/fdt/rkvop.c commit vGwsUinj8WT59xV1 Author: dtucker Date: 2026/05/04 10:57:24 Fix skip message. regress/usr.bin/ssh/kbdint.sh commit U2NvfT62Tu3NTH8d Author: kettenis Date: 2026/05/04 08:04:21 Add RK3576 support. ok patrick@, dlg@ sys/dev/fdt/rktemp.c commit x7t5Mxg8ztDDpVSM Author: kettenis Date: 2026/05/04 08:02:42 Enable rkotp(4). sys/arch/arm64/conf/GENERIC commit 644gE66evKci8JAq Author: kettenis Date: 2026/05/04 08:02:05 Add rkotp(4), a driver for reading the OTP fuses on Rockchip SoCs. ok patrick@, dlg@ sys/dev/fdt/files.fdt sys/dev/fdt/rkotp.c commit JALMo4DFlUsnVtap Author: kettenis Date: 2026/05/04 08:00:27 Add support for OTP related and temparature sensor related clocks and resets for the RK3576. ok patrick@, dlg@ sys/dev/fdt/rkclock.c sys/dev/fdt/rkclock_clocks.h commit a8XL0yVg0xDoWOi3 Author: kettenis Date: 2026/05/04 07:35:53 Add RK3576 support. ok jmatthew@, dlg@ sys/dev/fdt/rkcomphy.c commit CwZo6cxbiUPhzUtu Author: kettenis Date: 2026/05/04 07:33:22 The RK806 can be connected over I2C as well. ok dlg@, patrick@ sys/dev/fdt/rkpmic.c commit Cbom8MQWbGOc9HQs Author: daniel Date: 2026/05/03 23:06:15 awk(1): the flush function was added to POSIX.1-2024 Remove this function from the list of POSIX extensions. ok millert@ usr.bin/awk/awk.1