summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
10 daysfix build without ICE_DEBUGStefan Sperling
10 daysimplement the ice(4) Rx interrupt handlerStefan Sperling
10 daysin ice(4), ensure that vsi->max_frame_size gets setStefan Sperling
dlg@ advised me that our drivers should always configure the largest frame size supported by hardware
10 daysAdd no-detach-on-destroy client option (useful for control modeNicholas Marriott
clients). From laur dot aliste at gmail dot com, GitHub issue 4242.
10 daysAdd two new style parameters, width and pad, which apply to scrollbars.Nicholas Marriott
From Michael Grant, GitHub issue 4241.
10 daysec_mult: fix includesTheo Buehler
10 daysTurn off scrollbar when pane is in alternate screen, from Michael Grant,Nicholas Marriott
GitHub issue 4231.
10 daysEC_KEY_copy() don't leave stale private keys in placeTheo Buehler
As most other objects, EC_KEYs can be as sparsely and invalidly populated as imagination permits and the competent designers of EC_KEY_copy() chose to just copy over what's available (yeah, what kind of copy is that?) and leave in place what happens to be there. In particular, if the dest EC key was used with a different group and has a private key, but the source key doesn't, the dest private key remains intact, as invalid, incompatible and unusable as it may be. Fix this by clearing said private key. ok jsing
11 daysadd placeholder for GC 11.5.2 APUJonathan Gray
11 daysprocmap(8) -> procmap(1); spotted by Avon RobertsonJonathan Gray
11 dayssparce -> sparseJonathan Gray
11 daysdrm/amdgpu: prevent NULL pointer dereference if ATIF is not supportedJonathan Gray
From Antonio Quartulli a613a392417532ca5aaf3deac6e3277aa7aaef2b in linux-6.6.y/6.6.61 a6dd15981c03f2cdc9a351a278f09b5479d53d2e in mainline linux
11 daysdrm/amdgpu: Fix DPX valid mode check on GC 9.4.3Jonathan Gray
From Lijo Lazar 3930715c1aefe8e5cbca94144081aa08b466d571 in linux-6.6.y/6.6.61 3ce3f85787352fa48fc02ef6cbd7a5e5aba93347 in mainline linux
11 daysdrm/amdgpu: Adjust debugfs register access permissionsJonathan Gray
From Alex Deucher e2574b57990d482cb4310f8d571e728741c711c8 in linux-6.6.y/6.6.61 b46dadf7e3cfe26d0b109c9c3d81b278d6c75361 in mainline linux
11 daysdrm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()Jonathan Gray
From Alex Deucher 8906728f2fbd6504cb488f4afdd66af28f330a7a in linux-6.6.y/6.6.61 4d75b9468021c73108b4439794d69e892b1d24e3 in mainline linux
11 daysdrm/amdgpu: Adjust debugfs eviction and IB access permissionsJonathan Gray
From Alex Deucher 5a8ae5fa576c3315c0b3ce0b0aec2e5d1aadebc9 in linux-6.6.y/6.6.61 f790a2c494c4ef587eeeb9fca20124de76a1646f in mainline linux
11 dayscompatibiliy -> compatibilityJonathan Gray
11 daysMove the stack 1GB higher, closer to the end of the userland address space.Miod Vallat
ok kettenis@
11 daysx509_policy.c: point at RFC 9618Theo Buehler
11 daysrevert tun(4) changes for now, breaks in kdump build (TUNSCAP/TIOCEXT clash)Stuart Henderson
tb@ agrees
11 daysrpki-client: use macros for skipping rather than hardcoded numbersTheo Buehler
ok claudio
11 dayseck_prn: some more air to breatheTheo Buehler
11 dayseck_prn: fix includesTheo Buehler
11 daysec_prn: use pkey rather than pk for an EC_KEYTheo Buehler
11 dayseck_prn: use group rather than x for an EC_GROUPTheo Buehler
11 dayseck_prn: use ec_key rather than x for an EC_KEYTheo Buehler
11 dayseck_prn: consistently use bio for a BIO rather than b and bp randomlyTheo Buehler
11 dayseck_prn: sprinkle some empty lines and drop some parens for consistencyTheo Buehler
11 dayseck_prn: shuffle printing functions into a better orderTheo Buehler
11 daysuse down->up hammer to handle ENETRESET in ice_ioctl; can be refined laterStefan Sperling
11 daysavoid sending needless MAC address updates to ice(4) hardwareStefan Sperling
11 daysfor clarity, look at 'perm_addr' for obtaining the MAC when ice(4) attachesStefan Sperling
12 daysTypo fixes in commentsKevin Lo
ok stsp@
12 daysprovide a way to negotiate network offloads between the kernel and userland.David Gwynne
userland can request that network packets that are read from or written to the device special file get prepended with a "tun_hdr" struct. this struct contains bits which say what offloads are requested for the packet, including things like ip/tcp/udp/icmp checksums, tcp segmentation offloads, or ethernet vlan tags. userland can write a packet with any of these offloads requested into the kernel at any time, but has to request which ones it's able to handle coming from the kernel. enabling the tun_hdr struct and which offloads userland can handle is done with a new TUNSCAP ioctl. this is based on the virtio_net_hdr in linux, which jan@ actually implemented and had working with vmd. however, claudio@ and i strongly opposed to what feels like a layer violation by pulling virtio structures into the tun driver, and then trying to emulate virtio/linux semantics in our network stack, and playing catch up when the "upstream" projects decide to change the shape or meaning of these bits. tun_hdr is specific to the openbsd network stack and it's semantics, which simplifies our kernel implementation. jan has been pretty gracious about the extra work on the vmd side of things. tested by and ok jan@ ok claudio@
12 daysAES_{decrypt,encrypt}() don't return void internal functionTheo Buehler
"A return statement with an expression shall not appear in a function whose return type is void." ok deraadt miod
12 daysimplement ice_down(); ifconfig ice0 down/up is working nowStefan Sperling
12 dayssyncTheo de Raadt
12 daysTake into account how long the dns probe takes before decding toOtto Moerbeek
punt. A single res_query() call can return immediately (e.g. success or the nameservers are unreachable), or take quite some time, depending on how many nameservers are configured. So measure the actual time it takes and decide wat to do based on that. Early version from beck@; ok claudio@ deraadt@
12 daysEnable ixv(4) in RAMDISK_CDYASUOKA Masahiko
ok stu deraadt
12 daysmerge tap(4) into tun(4). it's the one driver providing both interfaces.David Gwynne
ok and tweaks from claudio@ and jmc@
12 daysSecond sweep of foosz -> num_foos and friendsTheo Buehler
Binary change in main.o and tal.o due to an assertion change and in spl.o due to line number changes looks good to claudio, ok clang + sha256
12 dayspowerpc/pci/pci_machdep.h moved to machine/pci_machdep.h in 2013Jonathan Gray
13 dayssyncTheo de Raadt
13 daysThe subject of a certificate is not optionalTheo Buehler
A certificate must have a subject, so X509_get_subject_name() cannot return NULL on a correctly parsed certificate, even if the subject is empty (which is allowed). So if X509_get_subject_name() returns NULL, error instead of silently ignoring it in tls_check_common_name(). This is currently no issue. Where it matters, the match against the common name will fail later, so we fail closed anyway. ok jsing
13 daysFix simplefb colours for BPP16 and BPP24 by specifiying colourTobias Heider
offsets for RGB formats explicitly. From Paul Fertser ok patrick@ miod@ kettenis@
13 daysAdds support for BPP16 16-bit color EFI framebuffer format as offeredTobias Heider
by u-boot. From Paul Fertser ok patrick@ miod@ kettenis@
13 daysUpdate libexpat to version 2.6.4.Alexander Bluhm
Relevant for OpenBSD are security fix #915, other changes #905 #902 #904 #317 #918 #914. Major library bump is necessary as new error constant has been added to a public header file. CVE-2024-50602 OK matthieu@ tb@ deraadt@
13 daysLink the new manual page EVP_PKEY_new_CMAC_key(3) to the buildIngo Schwarze
and purge the superseded information from the algorithm-independent page EVP_PKEY_new(3).
13 daysDocument EVP_PKEY_new_CMAC_key(3) in sufficient detail such that readersIngo Schwarze
stand a chance of using the API correctly. Admittedly, having so much text below EXAMPLES is somewhat unusual. While all that information is required to use the function correctly, strictly speaking, it is not part of the specification of what EVP_PKEY_new_CMAC_key(3) does, so it woundn't really belong in the DESCRIPTION. Now, designing an API function in such a way that using it correctly requires lots of information about *other* functions and such that all that additional information does not belong into the manual pages of those other functions (both because that would cause distractions in various other manual pages and because it would scatter required information around lots of different pages) is certainly not stellar API design. But we can't help that because these APIs were all originally designed by OpenSSL. Significant feedback and OK tb@.
13 daysAdd comment for crypto_cpu_caps_aarch64.Joel Sing