| Age | Commit message (Collapse) | Author |
|---|
|
ok jsg
|
|
|
|
tested with an mp3 on a Tinkerboard
OK sthen@ kettenis@
|
|
|
|
Addresses a stack exhaustion issue with llvm11 and a small number of ports.
ok kettenis@
|
|
|
|
|
|
This includes ujoy_hid_is_collection() to work around limitations of
hid_is_collection() until this can be combined without fallout.
input, testing with 8bitdo controller, and ok brynet@
PS4 controller testing, fix for hid_is_collection, and ok mglocker@
|
|
|
|
of file descriptors while running a busy desktop
the xenodm login class expands the records from the daemon login class
ok aja@, deraadt@, kettenis@, sthen@
|
|
|
|
it's only accessible to root:wheel.
ok deraadt@
|
|
Tested on a Cubieboard2.
OK patrick@
|
|
OK deraadt@, patrick@
|
|
but additionally have a bootblock in the first 8K (since UFS does not use that
space). There are some UEFI direct-from-internet bootloaders that require
the name *.img. So this makes things more convenient for those, while keeping
it consistant in all architectures.
ok kettenis beck kn
|
|
ok jsg kettenis, testing by kmos also
|
|
|
|
ok kettenis@ deraadt@
|
|
|
|
with help from claudio@
|
|
|
|
|
|
|
|
While FIDO/U2F keys were already supported by the generic uhid(4)
driver, this driver adds the first step to tighten the security of
FIDO/U2F access. Specifically, users don't need read/write access to
all USB/HID devices anymore and the driver also improves integration
with pledge(2) and unveil(2): It is pledge-friendly because it doesn't
require any ioctls to discover the device and unveil-friendly because
it uses a single /dev/fido/* directory for its device nodes.
It also allows to support FIDO/U2F in firefox without further
weakening the "sandbox" of the browser. Firefox does not have a
proper privsep design and many operations, such as U2F access, are
handled directly by the main process. This means that the browser's
"fat" main process needs direct read/write access to all USB HID
devices, at least on other operating systems. With fido(4) we can
support security keys in Firefox under OpenBSD without such a
compromise.
With this change, libfido2 stops using the ioctl to query the device
vendor/product and just assumes "OpenBSD" "fido(4)" instead. The
ioctl is still supported but there was no benefit in obtaining the
vendor product or name; it also allows to use libfido2 under pledge.
With feedback from deraadt@ and many others
OK kettenis@ djm@ and jmc@ for the manpage bits
|
|
|
|
responsive during packages compilation, especially on slower machines.
feedback welcome from people building ports
discussed with deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
USB isn't supported. The installer turns out to have been broken on
BeagleBoard for over a year and no one noticed. The existing support
for OMAP3 in the kernel remains though it isn't clear if anyone has
tried it after the fdt changes went in.
ok patrick@ tom@ kettenis@ matthieu@
|
|
|
|
raising openfiles-cur above the implicit -max value (1024 on at least the
common arch) results in the setting not being applied at all.
Earlier version OK tom@ danj@ ajacoutot@ benno@ krw@ beck@, suggestion about
openfiles= from millert@ - changes in this version are to use 1024 for -max
rather than 512 to avoid changing the existing hard limit, and just use
openfiles= for bgpd/unbound where max and cur are the same value.
|
|
|
|
|
|
|
|
|
|
While here, also remove two forgotten descriptions for long obsolete
devices.
|
|
|
|
ok deraadt@ yasuoka@ reyk@
|
|
are left for now but umg files are no longer built when building
releases.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
and force long filenames on the first mount of fat 16 filesystems so
this works.
U-boot scripts have not yet been changed to load these files.
ok kettenis@
|
