| Age | Commit message (Collapse) | Author |
|---|
|
This restriction was added in year 2000 due to IPv6 compatible and
mapped addresses. Nowadays our kernel does not support these IPv6
features and blocks localhost addresses on non-loopback interfaces.
Make IPv4 127.0.0.1/8 and IPv6 ::1 behave identically and provide
local services if configured.
OK mvs@ deraadt@
|
|
|
|
by unexpanding the SYN_CACHE_TIMER_ARM() macro in the timer callback.
OK mvs@
|
|
ok jmc
|
|
|
|
point people to pkg_create wrt FULLPKGNAME
|
|
Previously work items were enqueued in the order the CA intended them
to appear on a Manifest. However, there is no obvious benefit to letting
third parties decide the order in which things are processed.
Instead, randomize: ordering has no meaning anyway, and the number of
concurrent repository synchronization operations is limited & timeboxed.
As they say, a fox is not taken twice in the same snare
OK tb@
|
|
ok dv@
|
|
|
|
|
|
On newer Ryzen/EPYC, we need to hide the HwPstate CPUID 80000007:EDX
field for HwPstate, or guests will try to access the MSRs associated
with those, and that will fail with #GP.
ok deraadt
|
|
This removes the ability to do direct syscalls from perl, instead calling
the appropriate libc functions.
Currently we generate the dispatcher via a perl script duing build.
requested by deraadt@
nits from espie@
education from miod@
infrastructure fixes from sthen@
many improvements and ok gkoehler@
Please commit soon. OK bluhm@
|
|
https://github.com/Perl/perl5/issues/21235
https://github.com/Perl/perl5/pull/21265
https://github.com/Perl/perl5/commit/9e298ab597b2c6fc0741749d7e29119e2d6cd628
Bug reported by Anton Borowka. Fix from upstream Perl. OK afresh1@
|
|
1. in pmap_enter() no need to call tlb_flush_page() if we don't actually
insert a pted
2. all callers of pmap_pte_remove() already call tlb_flush_page()
This seems to result in some performance improvement (18mn -> 17mn15)
while building libc on a Hifive Unmatched). Also zap whitespace and
useless comments to further reduce the diff with arm64/pmap.c
ok kettenis@
|
|
As noted by drahn@ the compiler did inline said functions, but it also
provided them as unused symbols.
ok miod@ mlarkin@ kettenis@
|
|
This brings riscv64/pmap.c in line with arm64/pmap.c, original fix by
drahn@
ok miod@ kettenis@ mlarkin@
|
|
seconds, GitHub issue 3582.
|
|
Allows for probes like `BEGIN {}`, in parity with bpftrace.
Also fixes an incorrect syntax error parsing argN builtins in
subsequent probes after an empty BEGIN block.
ok mpi@
|
|
Found by David Linder
ok patrick@
|
|
be NULL here.
Found by tb@
|
|
|
|
Resolves segfaults when using probe within BEGIN or END.
ok mpi@
|
|
After r1.44 "Start on DOWN interfaces" this sentence makes no sense
and just repeats the obvious conditions, so zap it.
With/OK stsp
|
|
issue 3627.
|
|
When creating new crypto volumes with a passphrase or updating one, pick a
number of rounds that aims to take around 1s instead of just 16 (on X230 and
T14 machines, 16 rounds unlock pretty much instantly).
New default [-r auto] never decreases rounds, only explicit '-r N' can.
16 is the absolute minimum.
Motivation is to provide a saner and more modern default, especially for
fresh installations utilizing new disk encryption question.
Prodding for new default from and OK jsing on early "-r auto" installer diff
idea to to pick MAX(auto, old-rounds) from Lucas[AT sexy DOT is]
"seems acceptable to me" deraadt
Feedback kettenis sthen
OK op
|
|
Same fix as applied to iwx(4) in March. Since iwm(4) does not use a task
for key installation and removal the same race might not manifest here.
However, trying to delete a key while the station is not in firmware
is wrong in any case. And this code might get moved into a task later.
|
|
bpf in monitor mode.
Crash reported by brad and sthen.
I reproduced the issue to verify my fix but I did not check whether
aircrack-ng actually works with this.
|
|
|
|
This makes all code paths deactivating or freeing anons consistent.
No objection from the usual suspects.
|
|
|
|
|
|
variant of the visionfive2 board.
ok jsing@
|
|
structure data returned by rtable_getsource(). Netlock can't be pushed
within rtm_send() because we have paths where caller already holds it.
tested by jca
ok bluhm jca
|
|
The i8259 was considering the state of the mask register when a
device requested raising the bit in the interrupt request register.
This caused a race condition where if the virtio device asserted
the irq while it was masked in the i8259 by the vm, we'd miss the
interrupt request. The device and the pic would become out of sync
and users reported virtio block device stalls as the vioblk(4)
driver would starve, waiting for an interrupt that will never arrive.
The mask is now considered only at ack time, when finding possible
interrupts to inject. This bug was never a problem previously as
virtio devices were emulated synchronously.
Deasserts related to the vcpu reading the virtio isr register are
also made now in response to the read request instead of issued
asynchronously. This removes a subsequent race condition.
Testing from mbuhl@, stsp@, and Florian Riehm.
ok mlarkin@
|
|
|
|
* more precision what the CIPHER_CTX functions do
* more precision what an NID is
* avoid talking about RC2, use AES-256 for an example instead
* clarify that block sizes are measured in bytes
* mention additional restrictions regarding valid block sizes
* add the missing description of the *_flags(3) functions
* mention the public mask constant EVP_CIPH_MODE
* add three missing modes that can occur as return values
* add the missing entries for *_flags(3) and *_mode(3) below RETURN VALUES
* tweak various wordings for precision and conciseness
|
|
It currently returns NULL. This is OpenSSL 4088b926 + De Morgan.
ok jsing
|
|
|
|
ok patrick@
|
|
|
|
newer Unicode combined characters (which we have to "know" are combined
since they are not width zero). GitHub issue 3600.
|
|
|
|
|
|
|
|
|
|
sched_cpu_init() is only run once per cpu_info struct, so we don't
need these NULL-checks.
The NULL-checks are a vestige of clockintr_cpu_init(), which runs more
than once per CPU and uses the checks to avoid leaking clockintr handles.
Thread: https://marc.info/?l=openbsd-tech&m=169349579804340&w=2
ok claudio@
|
|
If fw_update exits unexpectedly the package database would never unlock.
select solution from millert@
|
|
Show status as we go with spinner rather than printing only at the end.
Suggestions from deraadt@
Most of this has been in snapshots for a while
|
|
|
|
and EVP_CIPHER_CTX_set_flags(3) out of the excessively large and
unwieldy EVP_EncryptInit(3). This causes a number of inaccuracies
and gaps to stand out, but i'm not mixing text changes or content
additions into this split.
Using very useful feedback from tb@ regarding what belongs together
and how important the various functions are. I refrained from bothering
him with the complete patch, but he likes the general direction.
|
