| Age | Commit message (Collapse) | Author |
|---|
|
|
|
a change mpi@ committed to all architectures in 2015
|
|
|
|
|
|
|
|
This is relevant because EVP_EncryptInit(3) takes a "key" argument,
and users need to consider the size of that argument.
While here, also mention whether ciphers are stream ciphers
or block ciphers and what the block size is.
|
|
|
|
fixes a possible redefinition of z_const and adds a range check for
MAX_WBITS.
ok bluhm
|
|
ok miod@
|
|
while here remove the unused function action_m4_define() and two
unused variables: `opt' in scanopt_err() and `num' in filter_fix_linedirs()
ok miod@
|
|
ok miod@
|
|
context (when it calls uvm_pagerealloc_multi()). But the current
implementation of pmap_copy_page() assumes it only runs in process context.
Use splbio() to block the interrupts while we're doing the copy.
ok mpi@
|
|
Replace literal braces with .Brq, use a list and indent the interface options
under that interface entry to reflect hierarchy (rad.conf(5) does that, too).
Feedback from/fine with jmc
|
|
Replace literal braces with .Brq, use lists, replace literal 'foo options'
with .Ar option ... and indent options where they belong.
This highlights config parser differences between daemons:
- dhcpleased: requires empty blocks, e.g. 'interface em0 {}' (Brq Op Ar option ...)
- rad: lets you omit them, e.g. 'interface em0' (Op Brq Ar option ...)
Feedback OK jmc
|
|
Instead of wiring page by page, wire the whole range. After the
PSP lauch update data command finished, unwire the memory again.
from hshoexer@; OK mlarkin@
|
|
ixany, but was setting ixany instead.
Fix this by reversing the logic.
Bug report and fix from Piotr Durlej, thanks!
|
|
ok jmc@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
missed when the prototype was removed in ifq.h rev 1.25
ok dlg@
|
|
It turns out that DOWNLOAD_ONLY was just used as the inverse of INSTALL,
so use the one variable instead of two.
This also uncovered some small cleanups.
|
|
This provides a more easily machine readable list than the normal output.
|
|
function EVP_MD_CTX_init(3) and talk about EVP_MD_CTX_new(3) instead.
This is similar in spirit to OpenSSL commit 25191fff (Dec 1, 2015),
but i'm also mentioning EVP_MD_CTX_reset(3), slightly reordering some
sentences in a more systematic way, and improving some related wordings
to be more precise and read better.
|
|
This calls init() with the default method, so EC_KEY_copy() gets a chance
to call finish() if the source's method doesn't match. But no init() call
is made in EC_KEY_copy(). Of course the source method's copy() needs to be
able to cope. The great news is that ssh uses this. Sigh.
ok beck jsing
|
|
This is a special snowflake. Its logic is such that it only overwrites
things on the target that are available in the source. So if the source
has no group (yes, that's possible), the destination's group will remain.
Even better: if you copy a public key over what was previously a private
key, the private scalar will remain. That's almost never going to result
in a valid key. If you copy from a larger group to a smaller group the
private scalar will most likely be out of range [1, order).
Use dup functions instead of reimplementing badly and add a snarky comment
courtesy of beck to one of those silly const annotations (there's a small
addendum by me).
ok beck jsing
|
|
r is a silly name for an EC_KEY and it is silly to assign the refcount
to a variable i (short for uninspired) when you can check the function
return directly. Tweak sizeof in freezero to jsing's liking.
ok beck jsing
|
|
Use a better variable name, simpler error handling. This could be
simplified further if we decide to have an ec_key_set0_group() that
avoids a copy.
ok beck jsing
|
|
block is no
longer used by luna88k.
Tested & ok miod@ aoyam@
|
|
The socket filt_...() functions are called with shared netlock, but
without per socket lock. This can be done as they are read-only.
After unlocking, TCP will modify socket variables in parallel. So
explicitly mark with READ_ONCE() where unlocked access to socket
fields happens.
OK mvs@
|
|
Socket field so_oobmark belongs to receive path, so use so_rcv mutex
to protect it. Although tcp_input() is still exclusively locked,
put mutex there to prepare further unlocking.
OK mvs@
|
|
allows upowerd to react on power changes, and now i have nifty
notifications in xfce4 on the x13s when plugging/unplugging the ac.
Also works on the omnibook x14.
ok phessler@ kettenis@ jca@
|
|
|
|
To avoid a race between writing PSP command, sleeping, receiving
interrupt, and calling wakeup(9), protect psp(4) driver with a
mutex. With that interrupt handler is MP safe and ioctl(2) can
release kernel lock.
from hshoexer@; OK dlg@
|
|
mentioned in NAME and described in DESCRIPTION and RETURN VALUES.
|
|
ok miod@
|
|
tcp_update_sndspace() and tcp_update_rcvspace() only read global
variables that do not change after initialization. Mark them as
such. Add braces around multi-line if blocks.
ok mvs@
|
|
Replace the perlasm generated SHA-256 assembly implementation with one that
is actually readable. Call the assembly implementation from a C wrapper
that can, in the future, dispatch to alternate implementations. Performance
is similar (or even better) on modern CPUs, while somewhat slower on older
CPUs (this is in part due to the wrapper, the impact of which is more
noticable with small block sizes).
Thanks to gkoehler@ and tb@ for testing.
ok tb@
|
|
Rewrite bn2binpad, removing some OpenSSL specific behaviour and unnecessary
complexity. Our BN_num_bytes() does not return bogus lengths, so we don't
need to see if things work out with nominated outputs. Swipe away some
endianness_t, but continue to ignore negatives and don't dare give away
padded zeroes.
Implement a more readable constant time conversion. In particular, the
little endian is the less common use case, which we can implement by
reversing the padded output in place, rather than complicating all of the
conversion code.
ok beck@ tb@
|
|
|
|
These will be used in an upcoming change.
ok beck@ tb@
|
|
jsing rightly points out that this has nothing to do with ASN.1, but
ec_lib.c has no EC_KEY knowledge otherwise (it's about groups and points)
and moving it to ec_key.c is also not satisfactory since the weird
d2i/i2d for ECParameters don't belong there either.
no objection from jsing
|
|
Replace the aarch64 CPU detection code with a version that parses ISAR0,
avoiding signal handling and SIGILL. This gets ISAR0 via sysctl(), but this
can be adapted to other mechanisms for other platforms (or alternatively
the same can be achieved via HWCAP).
This now follows the same naming/design as used by amd64 and i386, hence
define HAVE_CRYPTO_CPU_CAPS_INIT for aarch64.
ok kettenis@ tb@
|
|
with TTL field to zero. To fix it function pf_test_state_icmp()
must initialize ttl field in pf_pdesc structure for inner packet.
feedback from bluhm@
OK bluhm@
|
|
used by idle page zeroing code removed from uvm in 2015
ok miod@ mpi@ mlarkin@
|
|
|
|
|
