| Age | Commit message (Collapse) | Author |
|---|
|
that manifest
OK tb@
|
|
OK tb@ claudio@
|
|
- lowercase Nd
- add arch to Dt
acpi.4:
- add entry for ampchwm
ok claudio
|
|
Fix the mask of shifted 8 bit field from 0x7f to 0xff.
Allows proper decoding of status fields SCT and SC.
From mlelstv@netbsd via NetBSD.
ok miod@
|
|
Since the revision 1.1182 of net/pf.c netlock is not taken while
export_pflow() called from pf_purge_states(). Current locks order
requires netlock to be taken before PF_LOCK(), so there is no reason
to turn it back into this path only for optional export_pflow() call.
The `pflowif_list' foreach loop has no context switch within, so SMR
list is better than mutex(9).
Tested by Hrvoje Popovski.
ok sashan bluhm
|
|
|
|
This adds per core energy sensors (in Joules) and one per SoC temparature
sensor.
OK kettenis@ deraadt@
|
|
ok sf@
|
|
From Ilya Bakoulin
10ce6301009fa46ba264ed75b822115ec3ca6e67 in linux-6.1.y/6.1.66
6f395cebdd8927fbffdc3a55a14fcacf93634359 in mainline linux
|
|
From Harry Wentland
8332cb6c63394f32117a6f46a8cf7bedb8eec0b1 in linux-6.1.y/6.1.66
27fc10d1095f7a7de7c917638d7134033a190dd8 in mainline linux
|
|
From Melissa Wen
442a4d4d01579d5d7066d0653898ffbb4091e3be in linux-6.1.y/6.1.66
94369589e4ec13c762fe10a1fdc4463bdfee5d5f in mainline linux
|
|
From Rodrigo Siqueira
6cd736272165d7a6a7d62fb0a40536ed3741ed02 in linux-6.1.y/6.1.66
1682bd1a6b5fb094e914d9b73b711821fd84dcbd in mainline linux
|
|
From Dinghao Liu
0e0a95166882e594af4ab4f8c6f7894c2c32f6a9 in linux-6.1.y/6.1.66
7a88f23e768491bae653b444a96091d2aaeb0818 in mainline linux
|
|
From Nicholas Kazlauskas
195514bda626b16fb6ef9ff4172dc0433a3c105b in linux-6.1.y/6.1.66
1ffa8602e39b89469dc703ebab7a7e44c33da0f7 in mainline linux
|
|
From JinZe Xu
395a63ca1ad2e0534176cac91f5715961e744529 in linux-6.1.y/6.1.66
8f3589bb6fcea397775398cba4fbcc46829a60ed in mainline linux
|
|
From Christian Koenig
fc98ea2699c090e0377d16d733dca7a0b7508237 in linux-6.1.y/6.1.66
95ba893c9f4feb836ddce627efd0bb6af6667031 in mainline linux
|
|
From Hamza Mahfooz
7cfc3884a8bb3b77efd035885c758fb33587f1b3 in linux-6.1.y/6.1.66
b9f46f0b98784e40288ee393f863f553fde062fa in mainline linux
|
|
From Nicholas Kazlauskas
859a3a9f1e6b4055fd96695d11defca050ecf5cf in linux-6.1.y/6.1.66
4636a211980052ca0df90265c8a3ed2d46099091 in mainline linux
|
|
From Alvin Lee
6ef7f13c72df6bc95d39eb1614306768141377db in linux-6.1.y/6.1.66
9be601135ba8ac69880c01606c82140f2dde105e in mainline linux
|
|
From Nicholas Kazlauskas
a67c18704706e0a9ccac9b7002e678d325aea123 in linux-6.1.y/6.1.66
08448812acb2ab701cd5ff7e1a1dc97f7f10260c in mainline linux
|
|
From Alvin Lee
33ed892f0cdeb1350648cd3bfe8140aa9f792076 in linux-6.1.y/6.1.66
3c9ea68cb61bd7e5bd312c06a12adada74ff5805 in mainline linux
|
|
From Alex Sierra
c5cf436c8969516c92aaceb87582ff19bd187756 in linux-6.1.y/6.1.66
4b27a33c3b173bef1d19ba89e0b9b812b4fddd25 in mainline linux
|
|
From Mario Limonciello
c6088429630048661e480ed28590e69a48c102d6 in linux-6.1.y/6.1.66
6967741d26c87300a51b5e50d4acd104bc1a9759 in mainline linux
|
|
|
|
arguments, so we have to cope.
|
|
|
|
|
|
|
|
|
|
ok kettenis, some tweaks from jmc
|
|
The Intel SDM states the vmxon/vmxoff instructions don't invalidate
any EPT states on the cpu and recommend invalidating the global
context. vmm(4) opportunistically disables and enables VMX mode as
vms are created or terminated, so this adds a recommended
housekeeping step per the SDM.
While here, tidy up the CR4 toggling by moving it to after the MSR
feature check.
ok mlarkin@
|
|
|
|
runs too fast for the device and causes it to stutter its identification
string. Check if the second string chunk matches the first one, and ignore
it in this case, the correct data will come later.
|
|
|
|
ok kettenis
|
|
in front of the syscall instruction. This is used to calculate the start
of the syscall for SYS_sigreturn and pinned system calls.
ok kettenis
|
|
with {uint offset, uint syscall#} entries in libc & ld.so.
In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit)
are duplicated because additional or inline uses occur (that situation
is handled elsewhere)
ok kettenis
|
|
OK tb@
|
|
Fixes support of devices that attach multiple uaudio(4) drivers.
Every uaudio(4) instance parses the full set of device descriptors
because there are multiple interfaces per driver instance. If there is
a second uaudio(4) instance (i.e. a second control & stream interfaces
combo), the latter must skip the interfaces already used by the first
one (if it didn't, multiple uaudio(4) would try to use the same
interface and neither would work).
Help from and ok armani@.
|
|
Keep writing archives in ustar format by default. People can test the
posix 'pax' format using pax(1) -w -x pax ... or cpio -o -H pax ...;
tar(1) can't exercise this code yet. Only long names file and link
names are supported for now.
With input and tests from caspar@, ok millert@
|
|
ok kn@
|
|
tested on Linux/KVM
tested on proxmox and vultr by florian
ok florian
|
|
RPKI Manifests enable Relying Parties (RPs) to detect replay attacks,
unauthorized in-flight modification, or deletion of signed objects. RPs
can accomplish these security functions by comparing (what is expected
to be) a monotonically increasing counter (the 'manifestNumber') - to
determine what the latest Manifest is; a list of filenames - in order to
establish whether the complete set of files was fetched; and a list of
SHA256 message digests to ascertain whether the content's of said files
are exactly the same as the CA intended them to be.
Over time, two schools of thought arose. One philosophy is that the
highest numbered cryptographically valid Manifest represents the express
intent of the CA, so if manifest-listed files are missing, someone
upstream messed up and gets to enjoy the broken pieces. After all, RFC
9286 section 5.2 puts the onus firmly on the repository operator to
publish in a consistent manner. Here, "consistent" means that newly
issued manifests - in the same RRDP delta - are bundled together with
all new or changed ROAs, and that remote RSYNC repositories are
atomically updated (for example, using symlink pivots).
To overcome various types of inconsistent, transient, or intermediate
states of the remote publication point - previous versions of rpki-client
did construct the full CARepository state using a mix of objects from both
its local validated cache and the RRDP/RSYNC staging directories
(which contain purported new versions of the objects).
However, another take on RFC 9286 section 6.6's "use cached versions of
the objects" is that 'the objects' not only refers to the listed
subordinate products (such as ROAs/Certificates/ASPAs), but also to
Manifests themselves. The philosophy being that lower numbered
cryptographically valid Manifests with a complete & untampered set of
files are to be preferred over a higher numbered cryptographically valid
Manifests accompanied by incomplete sets of files. Consequently -
potentially - producing more stable VRP outputs, at the expense of being
magnanimous towards sloppy CAs and repository operators.
Going forward, rpki-client logs errors when inconsistent publications
are encountered, but also proceeds to use older cryptographically valid
Manifests (from previous successful fetches) in order to construct
the tree.
With and OK tb@, and also thanks to Ties de Kock from RIPE NCC.
|
|
|
|
structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst'
pflow_softc members by existing `sc_lock' rwlock(9).
This partially fixes locking inconsistency of pflow_softc. The following
work will be done with separate diffs.
Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from
pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference.
ok bluhm@
|
|
introduced in 1.3, causing sporadic pthread_main_np() erroneous results
(and possibly more subtle problems).
With and ok kurt@
|
|
which contains {offset,syscall#} structures.
ok kettenis
|
|
ok tb gnezdo
|
|
|
|
While this may seem a bit out of place since is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).
|
