flak rss random

openbsd changes of note 626

Hackerthon is imminent.

There are two signals one can receive after accessing invalid memory, SIGBUS and SIGSEGV. Nobody seems to know what the difference is or should be, although some theories have been unearthed. Make some attempt to be slightly more consistent and predictable in OpenBSD.

Introduces jiffies in an effort to appease our penguin oppressors.

Clarify that IP.OF.UPSTREAM.RESOLVER is not actually the hostname of a server you can use.

Switch acpibat to use _BIX before _BIF, which means you might see discharge cycle counts, too.

Assorted clang compatibility. clang uses -Oz to mean optimize for size and -Os for something else, so make gcc accept -Oz so all makefiles can be the same. Adjust some hardlinks. Make sure we build gcc with gcc.

The SSL_check_private_key function is a lie.

Switch the amd64 and i386 compiler to clang and see what happens.

We are moving towards using wscons (wstpad) as the driver for touchpads.

Dancing with the stars, er, NET_LOCK().

clang emits lots of warnings. Fix some of them. Turn off a bunch of clang builtins because we have a strong preference that code use our libc versions. Some other changes because clang is not gcc.

Among other curiosities, static variables in the special .openbsd.randomdata are sometimes assumed to be all zero, leading the clang optimizer to eliminate reads of such variables.

Some more pledge rules for sed. If the script doesn’t require opening new files, don’t let it.

Backport a bajillion fixes to stable. Release errata.

RFC 1885 was obsoleted nearly 20 years ago by RFC 2463 which was obsoleted over 10 years ago by RFC 4443. We are probably not going back.

Update libexpat to 2.2.3.

vmm: support more than 3855MB guest memory.

Merge libdrm 2.4.82.

Disable SSE optimizations on i386/amd64 for SlowBcopy. It is supposed to be slow. Prevents crashes when talking to memory mapped video memory in a hypervisor.

Posted 08 Aug 2017 21:59 by tedu Updated: 08 Aug 2017 21:59
Tagged: openbsd

books chapter seven

Lucky sevens.

more...

Posted 05 Aug 2017 19:37 by tedu Updated: 05 Aug 2017 19:37
Tagged: bookreview

books chapter six

Making some headway.

more...

Posted 28 Jul 2017 16:45 by tedu Updated: 28 Jul 2017 16:45
Tagged: bookreview

hurray we won

A few thoughts after reading Are all BSDs created equally? by Ilja van Sprundel. Theo says OpenBSD is the best, Ilja fact checks.

more...

Posted 28 Jul 2017 02:17 by tedu Updated: 28 Jul 2017 02:17
Tagged: openbsd security software thoughts

life off the chain

A few notes about gathered experiences with https certs not part of the traditional chain.

more...

Posted 27 Jul 2017 18:54 by tedu Updated: 27 Jul 2017 18:54
Tagged: software web

light screens vs dark screens

How best to use a computer at night?

more...

Posted 27 Jul 2017 18:54 by tedu Updated: 10 Aug 2017 15:12
Tagged: computers software

books chapter five

A few different perspectives this week.

more...

Posted 21 Jul 2017 18:02 by tedu Updated: 21 Jul 2017 18:02
Tagged: bookreview

openbsd changes of note 625

Halcyon changes of summer.

Continue with some cleanup and improvement of the depend step of building. Lots of little things to support lex and yacc better as well.

Intel Optane parts are leaking into the wild, some driver fixes to support them.

Add support for pattern substitution to variables in ksh using a common syntax borrowed from ksh93. Or not, reverted.

Deprecate fgetln.

Add detection for missing X sets to syspatch.

Refinement of the inteldrm code, including better backlight support.

A special edition of slaacd for the installer.

After much wailing and gnashing of teeth, fix strtol to parse strings like “0xridiculous”.

A fix for malloc and zero sized allocations when using canaries.

Add the ability to pause and unpause VMs in vmd.

Remove “listen secure” syntax from smtpd.conf. It’s broken since a couple of months and noone complained.

Remove sending of router solicitations and processing of router advertisements from the kernel.

The lidsuspend sysctl has been fully replaced by lidaction.

Fix fortune to filter out unprintable characters. Convert the fortune files to using UTF-8 instead of archaic overprinting. Fortunes with unprintable words may still be obtained with the -o option.

Introduce some quirks to the IDE and ATA code to prevent drives from attaching twice on hyper-v.

Add vmctl send and receive as well.

Update to xterm 330.

Remove some magic cleanup from dhclient. It will not deliberately attempt to interfere with other operations on the same interface.

Update libexpat to 2.2.2. Fixes NULL parser dereference.

Ilja Van Sprundel found a whole mess of kernel bugs in this and that. Some info leaks, some erroneous signal handling, some unbounded malloc calls. Lions, tigers, bears. Try to fix them.

Posted 20 Jul 2017 22:15 by tedu Updated: 20 Jul 2017 22:15
Tagged: openbsd

moving to https

The time has finally come to switch everything to https. Actually, I’ve been using https for a while, but now it’s time to inflict, er invite, everyone else along for the ride.

more...

Posted 18 Jul 2017 15:12 by tedu Updated: 21 Jul 2017 22:29
Tagged: flak security thoughts web

books chapter four

Keep it simple.

more...

Posted 14 Jul 2017 15:36 by tedu Updated: 14 Jul 2017 15:36
Tagged: bookreview