path: root/usr.sbin
Age | Commit message | Author
2020-06-29 | Build on powerpc64. | Mark Kettenis
2020-06-28 | Fix build error | Dale Rahn
ok tb
2020-06-28 | vmd(8): Eliminate libevent state corruption | pd
libevent functions for com, pic and rtc are now only called on event_thread. vcpu exit handlers send messages on a dev pipe and callbacks on these events do the event management (event_add, evtimer_add, etc). Previously, libevent state was mutated by two threads, event_thread, that runs all the callbacks and the vcpu thread when running exit handlers. This could have led to libevent state corruption. Patch from Dave Voutila <dave@sisu.io> ok claudio@ tested by abieber@ and brynet@
2020-06-28 | obviously powerpc64 will want pcidump | Theo de Raadt
2020-06-27 | convert macppc, octeon, and loongson to use MI installboot, removing | Theo de Raadt
special case scripting in install.md. (macppc still requires manual steps for HFS bootmode) tested by krw, visa, gkoehler
2020-06-27 | Replace TAILQ concatenation loop with TAILQ_CONCAT | bket
OK claudio@
2020-06-26 | Replace SIMPLEQ concatenation loop with SIMPLEQ_CONCAT | bket
OK florian@, millert@, kn@
2020-06-26 | Replace SIMPLEQ concatenation loop with SIMPLEQ_CONCAT | bket
OK florian@, millert@, kn@
2020-06-26 | Replace SIMPLEQ concatenation loops with SIMPLEQ_CONCAT | bket
As a result *ra_rdnss and *ra_dnssl are not used any more, and can be removed. While here remove spurious space. OK florian@, millert@
2020-06-24 | Stop using rsync --delete when syncing up with the CA repos. Instead | Claudio Jeker
use the files referenced in the manifests to build up a list of files to keep and remove anything that is not in the list after doing the full computation. OK job@ benno@
2020-06-24 | Using the "ldaps" or "tls" keywords in ldapd.conf currently enables all | Theo Buehler
protocols and ciphers. So you get a TLS server speaking TLSv1.0 and supporting cipher suites with RC4 and 3DES encryption, all of which should be considered broken. There is no way of disabling TLSv1.0 and TLSv1.1 in ldapd. All this is also not very clearly called out in the documentation. This commit switches the defaults to using the libtls defaults for both protocols and ciphers. If compatibility with the insecure legacy protocols and ciphers is needed, use the "legacy" keyword before "tls" or "ldaps" in ldapd.conf. tested by abieber. inoguchi agrees with the direction. ok beck
2020-06-22 | Remove unused variable | denis
2020-06-22 | On my previous commit I made the wrong assumption that the control socket was | Ricardo Mestre
being unlink(2)ed from the main proc so I removed "cpath" from the pledge(2) on the ldpe proc but actually the socket was unlink(2)ed from here, this means the daemon would crash on exit due to pledge(2) not having "cpath" permissions anymore. Finish the job by just not deleting the socket at all during control_cleanup(), which keeps the control program still working without issues but more importantly prevents the crash during exit, sorry about that. Crash reported by wlund at iki.fi OK deraadt@ claudio@ remi@
2020-06-22 | add missing .Pp | Landry Breuil
2020-06-22 | Fix "the symbol HZ is undefined" yacc warning | kn
OK mpi
2020-06-22 | Install npppd.conf(5) with mode 0600 instead of 0640. npppd.conf(5) can | mvs
store radius passwords and nothing requires it to be group readable. ok yasuoka@
2020-06-22 | When the main process exits, it closes the pipe so a read 0 occurs. | Otto Moerbeek
Move log level to debug for that case and while there correct the string, we're reading, not writing.
2020-06-22 | a first cut at requesting and parsing vpd info. | David Gwynne
reading vpd stuff is useful when you're trying to get support information about a pci device, eg, if you want a serial number, or firmware versions, or specific part name or number, it's likely available via vpd. also, im sick of having the diff in my tree. this relies on the new PCIOCGETVPD ioctl i just committed to the kernel. it's a very quick and dirty implementation, hopefully someone will pick it up and polish it a bit. tested by hrvoje popovski on a variety of cards ok jmatthew@
2020-06-21 | vmd(8): fix ns8250 lockup due to race condition | pd
Inject a pending interrupt even if the rcv_pending flag is set to avoid the endless EV_READ loop where a byte lingers ready to be read but the vcpu never gets the interrupt to read it. (e.g. the result of spamming RETURN via the serial console) Also, protect com ratelimit handler with mutexes to avoid corruption of the device state. These changes help prevent linux vm crashes when the return key is held on boot. Discovered by and patch from Dave Voutila <dave@sisu.io> ok tb@
2020-06-21 | Add RCS marker | Theo Buehler
2020-06-21 | wire the wireguard packet printer into tcpdump. | David Gwynne
from Matt Dunwoodie and Jason A. Donenfeld
2020-06-21 | don't claim packets as wg if there's not enough captured bytes to read. | David Gwynne
2020-06-21 | cope with a truncated capture of a packet. this avoids reading invalid mem. | David Gwynne
2020-06-21 | add a printer for wireguard messages, but not hooked up just yet. | David Gwynne
from Matt Dunwoodie and Jason A. Donenfeld
2020-06-18 | Apply rules to the number of events returned by the last read(2). | Martin Pieuchot
Fix a corner case where old events could be re-evaluated. From Yuichiro NAITO.
2020-06-17 | We are no longer using the "keep" file as a flag. | Florian Obser
Pointed out by Martin Vahlensieck, thanks!
2020-06-16 | vmd(8): backout previous commit to ns8250.c as it reintroduced the bug where the | pd
vm would get stuck if disconnected from console and get unstuck once console is attached. Spotted by tb@
2020-06-16 | vmd(8): fix ns8250 lockup due to race condition | pd
Inject pending interrupt if com has receive pending. This was previously accidentally checked in with an unrelated change by Mike Larkin and was backed out as it didn't fix the intended problem. Also, protect com ratelimit handler with mutexes to avoid corruption of the device state. These changes help prevent linux vm crashes when the return key is held on boot. Discovered by and patch from Dave Voutila <dave@sisu.io>
2020-06-13 | remove the reference to tun(4), as suggested by kaya saman, | Jason McIntyre
and advised by dlg;
2020-06-10 | Cast imsg->data to char pointer to silence GCC warning | kn
warning: format '%s' expects type 'char *', but argument 2 has type 'void *' Seen on sparc64. OK tobhe
2020-06-09 | Show a message while pkg_add updates the font cache. This occurs at the | Stuart Henderson
end of an install and can take quite a while if you have certain fonts installed. Before this change the cursor was left at an empty line. tweak/ok espie@
2020-06-09 | set TLS SNI when relaying to host | Sebastien Marie
ok beck@ "looks reasonable" millert@
2020-06-09 | Prepare buffer for both receive and transmit side so that a client can | YASUOKA Masahiko
use them separately. Actually a version of CISCO does and expects the peer does the same. Also fix some typos.
2020-06-08 | Provide clear errors when trying to install oversized boot loader | kn
sparc64 installboot(8) on softraid(4) with too large files, e.g. unstripped builds, fails poorly with "installboot: softraid installboot failed". This is due to the BIOCINSTALLBOOT ioctl(2) returning the default EINVAL rather than using softraid's sr_error() interface properly; additionally, installboot does not check for such message from the bio(4) layer. Make the kernel generate "boot block too large" and "boot loader too large" messages for softraid devices and have installboot act upon them analogous to bioctl(8), by adapting its bio_status() into the new sr_status() helper. Input, reminder to look at bioctl, same kernel diff from, OK jsing
2020-06-07 | whitespace | Florian Obser
2020-06-07 | Swap arguments of calloc(3). | Florian Obser
While it doesn't matter for calloc, it's easier on the eyes to always list the number of elements first and then the size. From Donovan Watteau ( contrib AT dwatteau.fr), Thanks!
2020-06-05 | Remove redundant code | denis
Reported by Prof. Dr. Steffen Wendzel <wendzel @ hs-worms . de>, thanks! OK martijn@ sthen@
2020-06-02 | remove useless redirections | Marc Espie
okay tb@, florian@
2020-06-02 | less convoluted Makefile, removes useless redirections | Marc Espie
okay tb@, florian@
2020-06-01 | Run lmtp deliveries as SMTPD_USER instead of the recipient user. | Christopher Zimmermann
ok millert@
2020-05-28 | Enable building wsmoused on arm64 and armv7. | Frederic Cambus
OK deraadt@, kettenis@
2020-05-28 | Enable building wsfontload on arm64 and armv7. | Frederic Cambus
OK deraadt@, kettenis@
2020-05-27 | Remove unneeded <stddef.h> | denis
2020-05-25 | When DNS lookup of an UDP loghost failed, syslogd(8) did close the | Alexander Bluhm
UDP sockets for sending messages. Keep the sockets open if the config allows to send UDP. Then they can be used to send if DNS is working during the next SIGHUP. bug reported and fix tested by sven falempin; OK millert@
2020-05-24 | Make "init-system -n" check vcpu and memory constraints | kn
Second attempt after config.c revision 1.37, this time merely delay the "-n" test until after constraint checks have been performed such that the PRI is still read, as required in order to get the total number of VCPUs and memory. OK kmos who also tested this
2020-05-24 | msg | kn
2020-05-24 | Relax the filename checks to allow dashes as well. Starting with | Theo Buehler
OpenBSD 6.9, we can use less awkward filenames. Initial diff by deraadt, ok aja
2020-05-23 | Typofix | kn
2020-05-23 | Fail on duplicate vcpu, memory or iodevice parameters | kn
Domains get to define their cores and memory only once unlike vnet, vdisk and variable parameters of which it makes sense to have more than one; iodevices are unique by design and may only be assigned once. OK kettenis
2020-05-22 | Revert previous | kn
Total vcpu and memory are read from the PRI so constraint checks must not be done before that, noted by kettenis. The fact that "total_cpus" as a global variable (initialized with zero) is always smaller than the total number of configured vcpus and the fact that I only tested a negative example without a positive one made me jump the trigger, sorry.