Age | Commit message | Author |
|
From Alvin Lee
33ed892f0cdeb1350648cd3bfe8140aa9f792076 in linux-6.1.y/6.1.66
3c9ea68cb61bd7e5bd312c06a12adada74ff5805 in mainline linux
|
|
From Alex Sierra
c5cf436c8969516c92aaceb87582ff19bd187756 in linux-6.1.y/6.1.66
4b27a33c3b173bef1d19ba89e0b9b812b4fddd25 in mainline linux
|
|
From Mario Limonciello
c6088429630048661e480ed28590e69a48c102d6 in linux-6.1.y/6.1.66
6967741d26c87300a51b5e50d4acd104bc1a9759 in mainline linux
|
|
|
|
arguments, so we have to cope.
|
|
|
|
|
|
|
|
|
|
ok kettenis, some tweaks from jmc
|
|
The Intel SDM states the vmxon/vmxoff instructions don't invalidate
any EPT states on the cpu and recommends invalidating the global
context. vmm(4) opportunistically disables and enables VMX mode as
vms are created or terminated, so this adds a recommended
housekeeping step per the SDM.
While here, tidy up the CR4 toggling by moving it to after the MSR
feature check.
ok mlarkin@
|
|
|
|
runs too fast for the device and causes it to stutter its identification
string. Check if the second string chunk matches the first one, and ignore
it in this case, the correct data will come later.
|
|
|
|
ok kettenis
|
|
in front of the syscall instruction. This is used to calculate the start
of the syscall for SYS_sigreturn and pinned system calls.
ok kettenis
|
|
with {uint offset, uint syscall#} entries in libc & ld.so.
In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit)
are duplicated because additional or inline uses occur (that situation
is handled elsewhere)
ok kettenis
|
|
OK tb@
|
|
Fixes support of devices that attach multiple uaudio(4) drivers.
Every uaudio(4) instance parses the full set of device descriptors
because there are multiple interfaces per driver instance. If there is
a second uaudio(4) instance (i.e. a second control & stream interfaces
combo), the latter must skip the interfaces already used by the first
one (if it didn't, multiple uaudio(4) would try to use the same
interface and neither would work).
Help from and ok armani@.
|
|
Keep writing archives in ustar format by default. People can test the
posix 'pax' format using pax(1) -w -x pax ... or cpio -o -H pax ...;
tar(1) can't exercise this code yet. Only long file names and link
names are supported for now.
With input and tests from caspar@, ok millert@
|
|
ok kn@
|
|
tested on Linux/KVM
tested on proxmox and vultr by florian
ok florian
|
|
RPKI Manifests enable Relying Parties (RPs) to detect replay attacks,
unauthorized in-flight modification, or deletion of signed objects. RPs
can accomplish these security functions by comparing (what is expected
to be) a monotonically increasing counter (the 'manifestNumber') - to
determine what the latest Manifest is; a list of filenames - in order to
establish whether the complete set of files was fetched; and a list of
SHA256 message digests to ascertain whether the contents of said files
are exactly the same as the CA intended them to be.
Over time, two schools of thought arose. One philosophy is that the
highest numbered cryptographically valid Manifest represents the express
intent of the CA, so if manifest-listed files are missing, someone
upstream messed up and gets to enjoy the broken pieces. After all, RFC
9286 section 5.2 puts the onus firmly on the repository operator to
publish in a consistent manner. Here, "consistent" means that newly
issued manifests - in the same RRDP delta - are bundled together with
all new or changed ROAs, and that remote RSYNC repositories are
atomically updated (for example, using symlink pivots).
To overcome various types of inconsistent, transient, or intermediate
states of the remote publication point - previous versions of rpki-client
did construct the full CARepository state using a mix of objects from both
its local validated cache and the RRDP/RSYNC staging directories
(which contain purported new versions of the objects).
However, another take on RFC 9286 section 6.6's "use cached versions of
the objects" is that 'the objects' not only refers to the listed
subordinate products (such as ROAs/Certificates/ASPAs), but also to
Manifests themselves. The philosophy being that lower numbered
cryptographically valid Manifests with a complete & untampered set of
files are to be preferred over higher numbered cryptographically valid
Manifests accompanied by incomplete sets of files. Consequently -
potentially - producing more stable VRP outputs, at the expense of being
magnanimous towards sloppy CAs and repository operators.
Going forward, rpki-client logs errors when inconsistent publications
are encountered, but also proceeds to use older cryptographically valid
Manifests (from previous successful fetches) in order to construct
the tree.
With and OK tb@, and also thanks to Ties de Kock from RIPE NCC.
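
The fallback policy this commit message describes, sketched as an added example that is not rpki-client code: the highest-numbered manifest is used only if every listed file is present with a matching SHA-256 digest, otherwise the inconsistency is logged and an older manifest is tried. All names and sample objects are hypothetical and constructed, and signature validation is assumed to have succeeded already.

```python
# Added illustration, not rpki-client code; every name here is hypothetical.
# Signature validation is assumed to have already succeeded for each manifest.
import hashlib
from dataclasses import dataclass

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass(frozen=True)
class Manifest:
    number: int   # manifestNumber
    files: dict   # filename -> expected SHA-256 hex digest

def check_manifest(mft, store):
    """Return problems found; an empty list means complete and untampered."""
    problems = []
    for name, digest in sorted(mft.files.items()):
        if name not in store:
            problems.append(f"{name}: missing")
        elif sha256_hex(store[name]) != digest:
            problems.append(f"{name}: hash mismatch")
    return problems

def select_manifest(candidates, log):
    """candidates: (Manifest, store) pairs, store maps filename -> bytes.
    Try the highest manifestNumber first; log and fall back when its
    file set is incomplete or altered."""
    for mft, store in sorted(candidates, key=lambda c: c[0].number, reverse=True):
        problems = check_manifest(mft, store)
        if not problems:
            return mft
        log.append(f"manifest {mft.number} inconsistent: " + "; ".join(problems))
    return None

def demo():
    # Constructed sample objects: a validated cache and a staging directory.
    old_a, old_b = b"constructed ROA a v1", b"constructed ROA b v1"
    new_b, new_c = b"constructed ROA b v2", b"constructed ROA c v1"
    cache = {"a.roa": old_a, "b.roa": old_b}
    cached = Manifest(41, {n: sha256_hex(d) for n, d in cache.items()})
    staged = Manifest(42, {"a.roa": sha256_hex(old_a),
                           "b.roa": sha256_hex(new_b),
                           "c.roa": sha256_hex(new_c)})
    # Staging holds a partial publication: b.roa is stale, c.roa never arrived.
    staging = {"a.roa": old_a, "b.roa": old_b}
    log = []
    chosen = select_manifest([(staged, staging), (cached, cache)], log)
    return chosen.number, log

if __name__ == "__main__":
    print(demo())
```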
|
|
|
|
structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst'
pflow_softc members by existing `sc_lock' rwlock(9).
This partially fixes locking inconsistency of pflow_softc. The following
work will be done with separate diffs.
Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from
pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference.
ok bluhm@
|
|
introduced in 1.3, causing sporadic pthread_main_np() erroneous results
(and possibly more subtle problems).
With and ok kurt@
|
|
which contains {offset,syscall#} structures.
ok kettenis
|
|
ok tb gnezdo
|
|
|
|
While this may seem a bit out of place since it is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).
|
|
|
|
|
|
This will be used soon to pin system calls to designated call sites.
ok deraadt@
|
|
in_pcbbind(), in_pcbconnect(), and in6_pcbconnect() have to set
addresses and ports within the same critical section as the inpcb
hash table calculation. Also lookup and address selection have to
be protected to avoid bindings and connections that are not unique.
For that in_pcbpickport() and in_pcbbind_locked() expect that the
table mutex is already taken. The functions in_pcblookup_lock(),
in_pcblookup_local_lock(), and in_pcbaddrisavail_lock() grab the
mutex iff the lock parameter is IN_PCBLOCK_GRAB. Otherwise the
parameter is IN_PCBLOCK_HOLD and the lock has to be taken already.
Note that in_pcblookup_lock() and in_pcblookup_local() return an
inp with increased reference iff they take and release the lock.
Otherwise the caller protects the lifetime of the inp.
This gives enough flexibility that in_pcbbind() and in_pcbconnect()
can hold the table mutex when they need it. The public inpcb API
does not change.
OK sashan@ mvs@
|
|
with "smart home"/IoT devices, which runs over TCP or UDP over v6 over
various physical/network layers (Ethernet, Wifi, or low power lossy
radio-based networks like Thread). req by Jordan Williams ok deraadt
https://csa-iot.org/wp-content/uploads/2022/11/22-27349-001_Matter-1.0-Core-Specification.pdf
|
|
|
|
before future work where ld.so(1) will need this new system call.
Putting this in the kernel ahead of time will save some grief.
ok kettenis
|
|
The register write before this change had no visible run-time effect
on 88E1512 under normal conditions but it tried to update a reserved
bit and might prevent the standard behaviour of breaking the link on
insufficient Inter-Packet Gaps.
Cross-checked with datasheets for supported variants. Extended special
control register 20 exists only in E1111 but not in E151x, E1545x, or
E3016. It seems that the register was dropped in E15xx and subsequent
designs.
Originally from stsp@
ok claudio@ stsp@
|
|
|
|
log anything. From Kobe Housen
|
|
to reply; ok florian@
|
|
|
|
Since soreceive() runs in parallel for raw sockets, sbappendaddr()
has to be protected by inpcb mutex. This was missing in multicast
forwarding which is running with a combination of shared net lock
and kernel lock. soreceive() uses shared net lock and mutex per
inpcb. Grab mutex before sbappendaddr() in socket_send() and
socket6_send().
panic receive 1 reported by Jo Geraerts
OK mvs@ claudio@
|
|
non-libc users. This is a two-liner macro anyway, and this will make
deraadt@'s future changes in this area easier to make. NFC
|
|
considered as console keyboards.
|
|
overflows on systems with big swap partitions.
OK kettenis@ miod@
|
|
is fired afterwards.
ok claudio@
|
|
If the first header starts with a space but still contains a colon
character, it is added to the body mail effectively appending it to the
Received header due to the folding rules.
Issue reported by Crystal Kolipe
ok millert@, giovanni@
|
|
This avoids an intermediate link state (10baseT) before the interface
is configured via ifconfig(8), and is consistent with other MII
drivers and OSes.
The original reason for this workaround is mainly thought to be related
to either reducing the time required for auto-negotiation to complete
or indeed incorrect advertisement of link capabilities.
Tested on Intel Elkhart Lake with dwqe(4) and 88E1512 PHY.
Originally from stsp@ with feedback from kettenis@.
ok kettenis@ claudio@
|
|
|