| Age | Commit message (Collapse) | Author |
|---|
|
of returning -1. With a return type of u_int16_t, -1 is not different
to a valid checksum. For incoming packets, the header lengths don't
exceed that size anyway, but for outgoing packets it's better to see
if our bootloader crafts a broken one.
Discussed with gerhard@
ok deraadt@ procter@
|
|
with odd packet lengths, which can happen when using TFTP to load
a file with an odd length. ospfd actually took dvmrpd's version
in 2006 to fix the same issue, and both daemons implementations are
the same. For the bootloader we keep the consts from the previous
version and replace the fatal with a print and return.
ok deraadt@
|
|
With this it's possible to build the kernel using clang.
Discussed with claudio@, ok deraadt@
|
|
MDFSOPT and add a missing prototype.
|
|
The macros are defined in a part of the header where a C compiler
is required. In addition, the macros expand to C code, so it looks
unnecessary to define the asserts with traditional cpp in mind.
OK cheloha@, mpi@
|
|
entry point.
ok mlarkin@, deraadt@
|
|
inspect the memory layout that the firmware has created. It is
especially useful for UEFI debugging.
OK deraadt@ kettenis@
|
|
ok kettenis@, jca@
|
|
it larger than RC4STATE. A long discussion ensued. In conclusion all
entropy inputs are either satisfactory enough, or just as shitty at 512.
|
|
section, which has grown a fair bit with the introduction of retguard.
Mortimer discovered the repeated 512-byte sequence as retguard keys, and
this resolves the issue. (Chacha does not fit on the media, so 1.5K early
drop RC4 is hopefully sufficient in our KARL link universe)
Version crank the bootblocks. sysupgrade -s will install new bootblocks.
ok djm mortimer
|
|
ok djm mortimer
|
|
so the file cannot be re-executed upon the next boot. This provides a
stronger one-shot-upgrade model than the upgrade script's rm /bsd.upgrade.
Now various forms of upgrade failure will reboot into /bsd, which is probably
more recoverable. Performing fchmod -x depends on (1) use of MI boot.c
(not alpha/macppc/sparc64/sgi/octeon) and (2) "can write blocks" functionality
in the IO layer. Most architectures have this support now.
Two diagnostics "fchmod a-x %s: failed" and "/bsd.upgrade is not u+x" will
remain in the tree while refinements happen for some of the laggard
architectures.
based upon a discussion florian
tested in snapshots for more than a week without any complaints
|
|
Probably not very useful (given the lack of feedback) but feels more
correct. Kernel part tested with option ZLIB_CONST.
|
|
Introduced in zlib-1.2.5.2, used by a few ports. ok deraadt@
|
|
|
|
fails and locks early in boot.
|
|
memcpy() correct behaviour. This also brings the bcopy() macro into line.
|
|
details from the ELF header instead of faking it.
Proposal from mlarkin, tested on most architectures already
|
|
|
|
half or more would be wasted. Causes more effective re-use of blocks.
ok jsing@
|
|
Historically, the softraid crypto support in the boot loaders has only
given one attempt to provide the correct passphrase. There were a
few reasons for this, including the fact that pkcs5_pbkdf2() allows an
empty passphrase and that returning EPERM allowed for another attempt.
With the event of KARL and the need for bsd.booted with hibernate resumption,
this becomes much more of an issue - if you get the passphrase wrong you
fail to resume. There are also other situations like using /etc/boot.conf
to switch serial console, but an incorrect passphrase results in the config
not being read. Also, bcrypt_pbkdf() does not permit empty passphrases.
This reworks the softraid crypto support in the boot loaders so that it
loops requesting a valid passphrase until one is provided, or an empty
passphrase is entered (at which point it will abort).
ok mortimer@ tb@
|
|
ok deraadt@
|
|
ENTRY is a trapsled. Fix a few functions which fall-through into an ENTRY
macro. amd64 binaries now are free of double+-nop sequences (except for one
assember nit in aes-586.pl). Previous changes by guenther got us here.
ok mortimer kettenis
|
|
ok deraadt
|
|
Use zero-padding to get double-digit HH:MM:SS and space-padding for
the DOM.
ok visa@
|
|
sprinkle some bounded attributes while here.
ok deraadt@
|
|
endianness for convenience reasons. Especially in code pathes like TFTP
where the source port is read from the received UDP packet and used as
destination port in a new UDP packet this can be very harmful. Luckily
this issue has had no effect on our architectures since they never use
any of the code paths that could be harmful.
ok visa@
|
|
in bootloader printfs.
Feedback from and ok gerhard@
|
|
Inputs and ok jsing@.
|
|
Remainder of the division is already stored in r1 in __divsi3/__udivsi3.
ok kettenis@
|
|
needed
problem noted by naddy@
|
|
not memcpy().
'oh oh' deraadt@
|
|
|
|
as full memory barriers.
|
|
implementation that it depends on currently isn't.
ok mikeb tom
|
|
|
|
with the RS780E chipset.
OK kettenis@, jsg@
|
|
ok tom@
|
|
a few performance-critical functions to compiler builtins. Since the
builtins supported by gcc3, gcc4 and clang are not the same, there are
(unfortunately) some compiler checks to make sure we only do the mapping
for builtins that are actually supported by the compiler.
ok jca@, tom@, guenther@
|
|
|
|
OK krw@
|
|
operations. This about doubles the routine's throughput.
No binary change on the 32-bit bootblocks
Discussed with miod@ long ago
|
|
generates calls to these functions when compiling an armv7 kernel.
Code from NetBSD's unified userland+kernel implementation, with lots of
irrelevant (for us) #ifdefs removed.
ok patrick@, guenther@
|
|
ok guenther@, patrick@
|
|
Based on a diff from djm@
|
|
avoid masking the errno from a failed read().
ok guenther@ tom@
|
|
elf(5)
feedback from guenther@
ok guenther@ kettenis@
|
|
ok deraadt@ millert@
|
|
which holds the CTF data.
ok mpi@
|
|
and softraid crypto key handling code.
|
