| Age | Commit message (Collapse) | Author |
|---|
|
Fixes support of devices that attach multiple uaudio(4) drivers.
Every uaudio(4) instance parses the full set of device descriptors
because there are multiple interfaces per driver instance. If there is
a second uaudio(4) instance (i.e. a second control & stream interfaces
combo), the latter must skip the interfaces already used by the first
one (if it didn't, multiple uaudio(4) would try to use the same
interface and neither would work).
Help from and ok armani@.
|
|
Keep writing archives in ustar format by default. People can test the
posix 'pax' format using pax(1) -w -x pax ... or cpio -o -H pax ...;
tar(1) can't exercise this code yet. Only long names file and link
names are supported for now.
With input and tests from caspar@, ok millert@
|
|
ok kn@
|
|
tested on Linux/KVM
tested on proxmox and vultr by florian
ok florian
|
|
RPKI Manifests enable Relying Parties (RPs) to detect replay attacks,
unauthorized in-flight modification, or deletion of signed objects. RPs
can accomplish these security functions by comparing (what is expected
to be) a monotonically increasing counter (the 'manifestNumber') - to
determine what the latest Manifest is; a list of filenames - in order to
establish whether the complete set of files was fetched; and a list of
SHA256 message digests to ascertain whether the content's of said files
are exactly the same as the CA intended them to be.
Over time, two schools of thought arose. One philosophy is that the
highest numbered cryptographically valid Manifest represents the express
intent of the CA, so if manifest-listed files are missing, someone
upstream messed up and gets to enjoy the broken pieces. After all, RFC
9286 section 5.2 puts the onus firmly on the repository operator to
publish in a consistent manner. Here, "consistent" means that newly
issued manifests - in the same RRDP delta - are bundled together with
all new or changed ROAs, and that remote RSYNC repositories are
atomically updated (for example, using symlink pivots).
To overcome various types of inconsistent, transient, or intermediate
states of the remote publication point - previous versions of rpki-client
did construct the full CARepository state using a mix of objects from both
its local validated cache and the RRDP/RSYNC staging directories
(which contain purported new versions of the objects).
However, another take on RFC 9286 section 6.6's "use cached versions of
the objects" is that 'the objects' not only refers to the listed
subordinate products (such as ROAs/Certificates/ASPAs), but also to
Manifests themselves. The philosophy being that lower numbered
cryptographically valid Manifests with a complete & untampered set of
files are to be preferred over a higher numbered cryptographically valid
Manifests accompanied by incomplete sets of files. Consequently -
potentially - producing more stable VRP outputs, at the expense of being
magnanimous towards sloppy CAs and repository operators.
Going forward, rpki-client logs errors when inconsistent publications
are encountered, but also proceeds to use older cryptographically valid
Manifests (from previous successful fetches) in order to construct
the tree.
With and OK tb@, and also thanks to Ties de Kock from RIPE NCC.
|
|
|
|
structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst'
pflow_softc members by existing `sc_lock' rwlock(9).
This partially fixes locking inconsistency of pflow_softc. The following
work will be done with separate diffs.
Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from
pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference.
ok bluhm@
|
|
introduced in 1.3, causing sporadic pthread_main_np() erroneous results
(and possibly more subtle problems).
With and ok kurt@
|
|
which contains {offset,syscall#} structures.
ok kettenis
|
|
ok tb gnezdo
|
|
|
|
While this may seem a bit out of place since is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).
|
|
|
|
|
|
This will be used soon to pin system calls to designated call sites.
ok deraadt@
|
|
in_pcbbind(), in_pcbconnect(), and in6_pcbconnect() have to set
addresses and ports within the same critical section as the inpcb
hash table calculation. Also lookup and address selection have to
be protected to avoid bindings and connections that are not unique.
For that in_pcbpickport() and in_pcbbind_locked() expect that the
table mutex is already taken. The functions in_pcblookup_lock(),
in_pcblookup_local_lock(), and in_pcbaddrisavail_lock() grab the
mutex iff the lock parameter is IN_PCBLOCK_GRAB. Otherwise the
parameter is IN_PCBLOCK_HOLD has the lock has to be taken already.
Note that in_pcblookup_lock() and in_pcblookup_local() return an
inp with increased reference iff they take and release the lock.
Otherwise the caller protects the life time of the inp.
This gives enough flexibility that in_pcbbind() and in_pcbconnect()
can hold the table mutex when they need it. The public inpcb API
does not change.
OK sashan@ mvs@
|
|
with "smart home"/IoT devices, which runs over TCP or UDP over v6 over
various physical/network layers (Ethernet, Wifi, or low power lossy
radio-based networks like Thread). req by Jordan Williams ok deraadt
https://csa-iot.org/wp-content/uploads/2022/11/22-27349-001_Matter-1.0-Core-Specification.pdf
|
|
|
|
before future work where ld.so(1) will need this new system call.
Putting this in the kernel ahead of time will save some grief.
ok kettenis
|
|
The register write before this change had no visible run-time effect
on 88E1512 under normal conditions but it tried to update a reserved
bit and might prevent the standard behaviour of breaking the link on
insufficient Inter-Packet Gaps.
Cross-checked with datasheets for supported variants. Extended special
control register 20 exists only in E1111 but not in E151x, E1545x, or
E3016. It seems that the register was dropped in E15xx and subsequent
designs.
Originally from stsp@
ok claudio@ stsp@
|
|
|
|
log anything. From Kobe Housen
|
|
to reply; ok florian@
|
|
|
|
Since soreceive() runs in parallel for raw sockets, sbappendaddr()
has to be protected by inpcb mutex. This was missing in multicast
forwarding which is running with a combination of shared net lock
and kernel lock. soreceive() uses shared net lock and mutex per
inpcb. Grab mutex before sbappendaddr() in socket_send() and
socket6_send().
panic receive 1 reported by Jo Geraerts
OK mvs@ claudio@
|
|
non-libc users. This is a two-liner macro anyway, and this will make
deraadt@'s future changes in this area easier to make. NFC
|
|
considered as console keyboards.
|
|
overflows on systems with big swap partitions.
OK kettenis@ miod@
|
|
is fired afterwards.
ok claudio@
|
|
If the first header starts with a space but still contains a colon
character, it is added to the body mail effectively appending it to the
Received header due to the folding rules.
Issue reported by Crystal Kolipe
ok millert@, giovanni@
|
|
This avoids an intermediate link state (10baseT) before the interface
is configured via ifconfig(8), and is consistent with other MII
drivers and OSes.
The original reason for this workaround is mainly thought be related
to either reducing the time required for auto-negotiation to complete
or indeed incorrect advertisement of link capabilities.
Tested on Intel Elkhart Lake with dwqe(4) and 88E1512 PHY.
Originally from stsp@ with feedback from kettenis@.
ok kettenis@ claudio@
|
|
|
|
|
|
|
|
|
|
initalisation. This way there is enough KVA mapped that kmeminit()
succeeds even with large nkmempages. This is similar to e.g. alpha.
OK miod@ kettenis@
|
|
discussed with, tested by and ok tb@
|
|
malloc option D (aka 1), 2, 3 or 4. No performance impact if not
used. ok asou@
|
|
From Andrzej Hajda
84a6e475451dfe8db44bbf4fd0969906a9bfdc2f in linux-6.1.y/6.1.65
0561794b6b642b84b879bf97061c4b4fa692839e in mainline linux
|
|
ok deraadt@
|
|
This will be used soon to pin system calls to designated call sites.
ok deraadt@
|
|
There exists no struct in6pcb in OpenBSD, this was an old kame idea.
Calling the local variable in6p does not make sense, it is actually
a struct inpcb. Also in6p is not used consistently in inet6 code.
Having the same convention for IPv4 and IPv6 is less confusing.
OK sashan@ mvs@
|
|
During initialization in_pcballoc() sets INP_IPV6 once to avoid
reaching through inp_socket->so_proto->pr_domain->dom_family. Use
this flag consistently.
OK sashan@ mvs@
|
|
|
|
ok millert@
|
|
since AF_UNSPEC is zero.
|
|
DSN is implicitly enabled when using `listen on sock' but it's not for
the implicit socket, avoid this incoherence by enabling it on the
implicit socket too.
Report and diff by Tassilo Philipp (tphilipp at potion-studios dot com)
ok millert@
|
|
They make no sense. These are thin wrappers of EVP_*Final_ex() and behave
exactly the same way. The minor behavior difference of Init and Init_ex is
likely a historical artefact of this abomination of an API. Deprecation of
the Init functions was recently removed from the manpage. The only reason
to prefer the _ex versions over the normal versions is ENGINE. This is no
longer an argument.
The warnings were added in an attempt at adding automatic cleanup. This
broke stuff and was therefore backed out. The warnings remained.
discussed with schwarze
|
|
the socket and the socket's PCB data.
ok bluhm
|
|
protects related data.
ok bluhm
|
