| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
after dbopen(3) occurs then all operations are on fds which don't need
rpath/wpath and therefore spamdb(8) only needs stdio at all times after the DB
was already open(2)ed
great input from semarie@ OK deraadt@
|
|
|
|
- rpath to traverse the filesystem(s)
- getpw to figure out who owns what
OK tb@ deraadt@
|
|
will be installed as /usr/bin/ld.bfd on supported systems. This allows
users to fall back on the old linker by using the -fuse-ld=bfd option on
systems where lld is the default linker.
Switch armv7 to use lld as the default linker. On arm64 we already use lld
as the default linker. Other platforms will keep using the GNU linker for
now.
ok patrick@, deraadt@, phessler@
|
|
ok jmc@, benno@, "yes" deraadt@
|
|
SPI controller in our tree. Add a basic generic SPI infrastructure as
well.
ok kettenis@
|
|
ok kettenis@
|
|
Don't allow unprivileged users to crash things from ring 3
Thanks to William McCall for the patch!
OK mlarkin@
|
|
|
|
|
|
and it always happens on 25xx controllers.
|
|
request ids. So far we were only able to have one command in flight
at a time and race conditions could easily lead to unexpected
behaviour. With this rework we send and enqueue a control packet
command and wait for replies to happen. Thus we can have multiple
control packets in flight and a reply with the correct id will wake
us up.
|
|
the network stack since the stack will create the node for us if we
pass the ibss stack. On assocation request the node already has to
exist, so we error out if we don't have a record of the node. Fixes
hostap on 5 GHz channels, since now the node's channel is recorded
correctly.
|
|
libcrypto. Initially this just covers RSA signatures, but can be extended
to cover other cryptographic algorithms.
This regress requires the go and wycheproof-testvector packages to be
installed, with the regress being skipped otherwise.
Discussed with beck@ and tb@
|
|
from Marcus MERIGHI; OK deraadt@ jmc@
|
|
ok markus
|
|
process. Use it for the reverse lookups required by smtp and mta.
Until now, DNS-related lookups were implemented using ad-hoc IMSGs
between the lka and other processes. It turns out to be confusing and
difficult to maintain/extend. So we want to replace this with a better
set of IMSGs matching the standard resolver interface.
ok gilles@
|
|
mta_session.c
spotted by deraadt@ and benno@
|
|
We strdup operands before destructively parsing them to keep w(1) output
looking nice and neat, but after parsing we ought to free them.
We do need to keep copies for file paths, though, so add additional strdups
for operands if and of.
While here, use the preferred err(1, NULL) for an allocation failure. Also
while here, don't assign `oper' to a copy of itself because it looks strange.
"sure." deraadt
|
|
|
|
|
|
instead of calling getpwuid() again and discarding the argument.
This prevents a client crash where tilde_expand_filename calls getpwuid()
again before the pwent pointer is used.
Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com>
ok djm@ deraadt@
|
|
|
|
^From separator and corrupt files
ok eric@
|
|
|
|
failure of assigning requested IP address on IPCP, it was mistakenly "-1"
on little endians. Found by IIJ.
|
|
ok patrick@
|
|
ok patrick@
|
|
|
|
From Bryan Vyhmeister
|
|
|
|
ok florian@
|
|
Add "Mitigation G-2" per AMD's Whitepaper "Software Techniques for
Managing Speculation on AMD Processors"
By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch serializing
instruction.
ok deraadt@
|
|
Marvell controller. The difference is essentially register offsets
and a clock divider calculation based on a power of two. Also this
particular hardware needs a delay after sending a stop and before
reading the status register since apparently the data doesn't
propagate fast enough. This makes sxitwi(4) work on the Marvell
Armada 38x.
ok kettenis@
|
|
slow booting up, so give it a bit longer to enable the clock.
ok patrick@
|
|
given an input/output ASM constraint...but I made it output-only, so the
compiler deleted the initialization.
reported by many, starting with Edd Barrett (edd(at)theunixzoo.co.uk)
|
|
during reload.
OK henning@
|
|
from Cameron Palmer
|
|
field in asp directly. This is a step to move the prefix from rde_aspath
to struct prefix.
OK benno@
|
|
This simply puts the wiggle around inet_ntop() from four into one location.
OK benno
|
|
`error' is not used so drop it and jump to the end.
OK sashan
|
|
not the address of its GOT entry. The current code mixed the high bits of
the GOT entry address with the low bits of the true address. This only
worked by accident for small binaries where _DYNAMIC and its GOT entry
happen to reside on the same page.
ok guenther@, mortimer@
|
|
properly. This had caused an panic when the mbuf pointer is updated.
Found by IIJ.
ok dlg
|
|
when vmlaunch or vmresume fails.
Follow the lead of clang and the intel recommendation and do an lfence
after the pause in the speculation-stop path for retpoline, RSB refill,
and meltover ASM bits.
ok kettenis@ deraadt@
|
|
improve readability and ease of maintenance.
Positive feedback jmc
Detailed suggestion & ok schwarze
|
|
ok tb@, claudio@
|
|
Managing Speculation on AMD Processors"
By setting MSR C001_1029[1]=1, LFENCE becomes a dispatch serializing
instruction.
Tested on AMD FX-4100 "Bulldozer", and Linux guest in SVM vmd(8)
ok deraadt@ mlarkin@
|
|
Large buffer sizes on 64-bit platforms cause the sum to wrap, leading
read(2) to fail later.
We check prior to this point that all buffer sizes are <= SSIZE_MAX.
SSIZE_MAX * 2 < SIZE_MAX on all platforms, so the addition here will
not overflow and cause a similar issue.
Discovered by tobias@ a while back.
ok deraadt millert tobias
|
