Age | Author | Commit message
2022-09-17 | Theo de Raadt | bind() to AF_UNIX will now require unveil "w". "w" may seem a little odd (and it may seem it should be "r" to get access to the file to collect the underlying socket, which is fully r/w in a non-file way). But this matches the POSIX spec that the file be 'writeable'. The regress test and daemons have been updated for this behaviour. Gap discovered by martijn, long discussions with benno
2022-09-17 | Stuart Henderson | add some notes on common pytest arguments
2022-09-17 | Jason McIntyre | tweaks; from jan stary
2022-09-17 | Damien Miller | Add RequiredRSASize for sshd(8); RSA keys that fall beneath this limit will be ignored for user and host-based authentication. Feedback deraadt@ ok markus@
2022-09-17 | Damien Miller | add a RequiredRSASize for checking RSA key length in ssh(1).
User authentication keys that fall beneath this limit will be ignored. If a host presents a host key beneath this limit then the connection will be terminated (unfortunately there are no fallbacks in the protocol for host authentication). feedback deraadt, Dmitry Belyavskiy; ok markus@
2022-09-17 | Florian Obser | Show time zone name and offset in clock border if TZ environment variable is set. This is useful when running multiple clocks in different time zones. From James Russell Stickney (jrs AT outband.net), tweaked by me. Input & OK kn
2022-09-17 | Damien Miller | Add a sshkey_check_rsa_length() call for checking the length of an RSA key; ok markus@
2022-09-17 | Damien Miller | actually hook up restrict_websafe; the command-line flag was never actually used. Spotted by Matthew Garrett
2022-09-17 | Klemens Nanni | Hook up installboot unconditionally, skip on unsupported archs
The list of not yet tested archs is smaller, so follow bsd.regress.mk(5) advice and just print SKIPPED on those.
2022-09-16 | Robert Nagy | move most of the key combination translation code out of ukbd(4) to hidkbd so that it can be re-used by apldc(4) and aplhidev(4) as well; this also adds support for apple fn key combinations to aplhidev(4). ok miod@
2022-09-16 | Moritz Buhl | semctl1 and msgctl were introduced for binary compatibility for OpenBSD 3.5.
They are no longer needed. OK bluhm@
2022-09-16 | Stefan Sperling | Make mfii(4) recover from firmware FAULT state on startup.
In case firmware initially comes up in FAULT state, reset the device and give it one more chance to attach successfully. The Linux megaraid_sas driver applies the same workaround in this case. There seems to be a bug in some firmware versions which can trigger this behaviour; see mainline Linux commit 6431f5d7c6025f8b007af06ea090de308f7e6881
Problem observed by me with mfii(4) attached via KVM PCI-passthrough:
  mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
  mfii0: firmware fault
With this workaround in place, attachment succeeds and the device works:
  mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
  mfii0: firmware fault; attempting full device reset, this can take some time
  mfii0: "RAID Ctrl SAS 6G 1GB (D3116C)", firmware 23.29.0-0019, 1024MB cache
Tested for regressions on bare metal by Hrvoje with two different adapters:
  mfii0 at pci1 dev 0 function 0 "Symbios Logic MegaRAID SAS3508" rev 0x01: msi
  mfii0: "PERC H740P Mini ", firmware 51.16.0-4076, 8192MB cache
  mfii0 at pci4 dev 0 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
  mfii0: "ServeRAID M5110", firmware 23.34.0-0023, 512MB cache
ok jmatthew@
2022-09-16 | Damien Miller | correct error value
2022-09-16 | Damien Miller | sftp: Be a bit more clever about completions
There are commands (e.g. "get" or "put") that accept two arguments, a local path and a remote path. However, the way current completion is written doesn't take this distinction into account and always completes remote or local paths. By expanding CMD struct and "cmds" array this distinction can be reflected and with small adjustment to completer code the correct path can be completed. By Michal Privoznik, ok dtucker@
2022-09-16 | Damien Miller | sftp: Don't attempt to complete arguments for non-existent commands
If user entered a non-existent command (e.g. because they made a typo) there is no point in trying to complete its arguments. Skip calling complete_match() if that's the case. From Michal Privoznik
2022-09-16 | Jonathan Gray | drm/i915: Implement WaEdpLinkRateDataReload
From Ville Syrjala d2ca79dd0b5487991dac52c6b679915dbd70ee4c in linux 5.15.y/5.15.68 672d6ca758651f0ec12cd0d59787067a5bde1c96 in mainline linux
2022-09-16 | Jonathan Gray | drm/amd/display: fix memory leak when using debugfs_lookup()
From Greg Kroah-Hartman 58acd2ebae034db3bacf38708f508fbd12ae2e54 in linux 5.15.y/5.15.68 cbfac7fa491651c57926c99edeb7495c6c1aeac2 in mainline linux
2022-09-16 | Jonathan Gray | drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
From Qu Huang ad5ef763dbbea8193bd2095a1401aeac6e8f74e8 in linux 5.15.y/5.15.68 b8983d42524f10ac6bf35bbce6a7cc8e45f61e04 in mainline linux
2022-09-16 | Jonathan Gray | drm/radeon: add a force flush to delay work when radeon
From Zhenneng Li 5a7a5b2edac4b05abd744eeaebda46d9dacd952d in linux 5.15.y/5.15.68 f461950fdc374a3ada5a63c669d997de4600dffe in mainline linux
2022-09-16 | Jonathan Gray | drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
From Candice Li 622a557b28b718d4da92ff3504d83af2310324d2 in linux 5.15.y/5.15.68 c351938350ab9b5e978dede2c321da43de7eb70c in mainline linux
2022-09-16 | Jonathan Gray | drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini
From YiPeng Chai c15c2c2c08964fd99d3366f80742129f8ae28eaa in linux 5.15.y/5.15.68 9d705d7741ae70764f3d6d87e67fad3b5c30ffd0 in mainline linux
2022-09-16 | Jonathan Gray | drm/gem: Fix GEM handle release errors
From Jeffy Chen 1f574fbe9c2b831a8c3156260842a7abd280d59f in linux 5.15.y/5.15.68 ea2aa97ca37a9044ade001aef71dbc06318e8d44 in mainline linux
2022-09-16 | Jonathan Gray | mask non-chain fence sequence numbers to 32-bit for comparisons
Most of drm uses 32-bit sequence numbers in fences. dma-fence-chain opts into 64-bit comparisons. Wrapping is handled like i915_seqno_passed() except that if the sequence numbers are the same one is not considered later than the other.
2022-09-15 | Scott Soule Cheloha | tsc: configure LFENCE to serialize dispatch before testing TSC sync
On AMD CPUs, LFENCE does not serialize instruction dispatch until MSR C001_1029[1] is properly configured. We do this in identifycpu(); see amd64/identcpu.c,v 1.103.
The upshot is that the first TSC synchronization test is currently invalid on most AMD CPUs because the LFENCE in the test loop does not ensure that the AP loads the BP's latest TSC value before executing RDTSC. So the synchronization test is yielding false positives on AMD CPUs where the TSCs are actually synchronized.
The simplest fix is to wait until after the secondary CPU runs identifycpu() in cpu_hatch() to test TSC synchronization.
Moving the TSC sync test after CPU identification means that we can remove the CPUID() calls from tsc.c: the CPU feature flags are set in identifycpu() so we no longer need to test for IA32_TSC_ADJUST support by hand.
While we are at it, we should also pass the correct cpu_info pointer to tsc_test_sync_bp(). It was unused before, so the bug was harmless, but we definitely need the BP's cpu_info pointer, not the AP's pointer.
Unfortunately, this change does not fix the TSC sync problems we've been seeing on e.g. dv@'s and jmc@'s Ryzen 5 machines. Hopefully the problem on those machines is buggy firmware and not another architectural misunderstanding on my part.
Prompted by robert@. Problem diagnosed by brynet@. With input from robert@, brynet@, and deraadt@. Tested by robert@, brynet@, dv@, phessler@, and jmc@.
ok robert@ brynet@ sthen@
2022-09-15 | Marcus Glocker | Enable the keyboard on the Samsung Galaxy Book Go.
Help from kettenis@, "Nice!" deraadt@
2022-09-15 | Kenneth R Westerback | Short names make for shorter and prettier lines.
2022-09-15 | Tobias Heider | Add support for Apple fn key combinations. Based on Apple fn key handling in ukbd(4). ok miod@
2022-09-15 | Todd C. Miller | Use non-blocking connect() with ppoll() and timeout instead of alarm().
For hosts with multiple IP addrs this makes it possible to fall over from an unresponsive IP to another. This also replaces the other connect(2) + connect_wait() calls with timed_connect() so the -w option now works for more than just http. OK sthen@ deraadt@
2022-09-15 | Kenneth R Westerback | Add GPTPARTATTR_MS_* defines for Microsoft basic data attributes and make 'fdisk -v' display their names (NoAutoMount, Hidden, Shadow, ReadOnly). Shift 1ULL instead of 1 to make it clear these are uint64_t flags. Makes clang happier.
2022-09-15 | Kenneth R Westerback | Remove unneeded interim DPRINTF() verbiage. Make DEBUG compile again.
2022-09-15 | Job Snijders | Add OID for RPKI signedTAL objects
IANA made a permanent registration in the SMI Security for S/MIME CMS Content Type registry at https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 for signed objects conforming to draft-ietf-sidrops-signed-tal. OK tb@
2022-09-15 | Claudio Jeker | Make kroute_matchgw() also work with connected routes.
Connected routes have no gateway set but only have ifindex set. When an interface is deconfigured this makes sure the right route is removed. OK tb@
2022-09-15 | Florian Obser | Ignore error when we try to delete an address that's already gone.
This will happen when an address expires because the vltime drops to zero. The kernel then deletes the address and slaacd tries to do so, too. The correct fix is to track in slaacd that the kernel already deleted the address for us, but that's too much work shortly before a release so just hide the ugly warning for now, it's harmless. Problem reported by semarie some time ago. OK deraadt, benno
2022-09-15 | Joel Sing | Use LONG_MAX as the limit for ciphers with long based APIs.
These ciphers have long based APIs, while EVP has a size_t based API. The intent of these loops is to handle sizes that are bigger than LONG_MAX. Rather than using the rather crazy EVP_MAXCHUNK construct, use LONG_MAX rounded down to a large block size, ensuring that it is a block size multiple. Revert the recently added overflow checks now that this is handled more appropriately. ok tb@
2022-09-15 | Kurt Mosiejczuk | regen
2022-09-15 | Kurt Mosiejczuk | Add IDs for the JHL6240 Thunderbolt 3 controller found in my Thinkpad T490
ok jsg
2022-09-15 | Jonathan Gray | recognise Neoverse V2 (Demeter)
2022-09-14 | Theo de Raadt | AF_UNIX bind() must use UNVEIL_CREATE for namei() because it is creating a file in the filesystem. Spotted by martijn. A review of AF_UNIX binding programs has been done by benno, and we think it is worth committing this semantic change now and watching for fallout.
2022-09-14 | Klemens Nanni | Backout "Reflect script failure in exit code"
amd64 install using (G)PT seems busted as reported by tb
2022-09-14 | Theo Buehler | remove an extraneous empty line
2022-09-14 | Theo de Raadt | closer to potential release date
2022-09-14 | Klemens Nanni | Merge common FORMAT_FDISK and USE_SOFTRAID default, simpler cleanup
2022-09-14 | Tobias Heider | Compare 'srcnat' when comparing policies. Fixes a bug where policy lookup could not differentiate between similar policies that only differ in srcnat. Also include srcnat when logging flows or policies. ok markus@
2022-09-14 | Klemens Nanni | Fold root disk setup targets into one
2022-09-14 | Klemens Nanni | Fold vnd disk setup targets into a single loop
2022-09-14 | Klemens Nanni | Make NDISKS an integer, simplify CLEANFILES with globbing
Testing with three softraid chunks now means NDISKS=3 as one would expect and not NDISKS='1 2 3'. This uses the powerful jot(1) -w and rs(1) -T commands and allows for more simplifications in the Makefile.
2022-09-14 | Klemens Nanni | Format softraid keydisk to make regress pass without installboot fix
Treat keydisks like real chunks until installboot properly skips it and does not touch/install to them anymore.
2022-09-14 | Jason McIntyre | clarify behaviour when the second address in a range is smaller than or equal to the first; diff from luka krmpotic ok kn
2022-09-14 | Theo de Raadt | sync
2022-09-14 | Damien Miller | sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag from response
Now that all FIDO signing calls attempt first without PIN and then fall back to trying PIN only if that attempt fails, we can remove the hack^wtrick that removed the UV flag from the keys returned during enroll. By Corinna Vinschen