openbsd
3 years agoincrease maximum SSH2_FXP_READ to match the maximum packet size.
djm [Fri, 19 Mar 2021 02:18:28 +0000 (02:18 +0000)]
increase maximum SSH2_FXP_READ to match the maximum packet size.
Also handle zero-length reads that are borderline nonsensical but
not explicitly banned by the spec.
Based on patch from Mike Frysinger, feedback deraadt@ ok dtucker@

3 years agoUpdate go-module docs for recent changes, from Josh Rickmar, small tweak
sthen [Thu, 18 Mar 2021 22:36:36 +0000 (22:36 +0000)]
Update go-module docs for recent changes, from Josh Rickmar, small tweak
from me

3 years agoFrom Joachim Wiberg's version of mg.
lum [Thu, 18 Mar 2021 18:09:21 +0000 (18:09 +0000)]
From Joachim Wiberg's version of mg.

"This patch makes sure to clear the status/echo line after killing and
switching buffers by name.  Otherwise the kill/switch prompt lingers"

3 years agoDo not include ':' in the port number.
tb [Thu, 18 Mar 2021 16:15:19 +0000 (16:15 +0000)]
Do not include ':' in the port number.

ok claudio

3 years agoWhen changing the link local address send a RTM_IFINFO message out.
claudio [Thu, 18 Mar 2021 15:58:58 +0000 (15:58 +0000)]
When changing the link local address send a RTM_IFINFO message out.
Also prefer if (error == 0) over if (!error).
OK florian@ bluhm@

3 years agoDo not call rtm_ifchg() if IFF_UP changed. The code in if_up() and if_down()
claudio [Thu, 18 Mar 2021 15:57:16 +0000 (15:57 +0000)]
Do not call rtm_ifchg() if IFF_UP changed. The code in if_up() and if_down()
already call rtm_ifchg() and so this would just result in a duplicate message.
Noticed by deraadt@. OK florian@ bluhm@

3 years agoLike in the sysctl case include the ifp_sadl as RTA_IFP address in RTM_IFINFO
claudio [Thu, 18 Mar 2021 15:55:19 +0000 (15:55 +0000)]
Like in the sysctl case include the ifp_sadl as RTA_IFP address in RTM_IFINFO
messages. This way userland can detect if the lladdr of an interface was
changed.
OK florian@ bluhm@

3 years agoFail in rsync_base_uri() if the strdup calls fail. Do not bubble this
claudio [Thu, 18 Mar 2021 15:47:10 +0000 (15:47 +0000)]
Fail in rsync_base_uri() if the strdup calls fail. Do not bubble this
error upwards since a NULL return represents a bad-URI.
Diff originally from tb@

3 years agoAvoid NULL access in http_parse_uri()
tb [Thu, 18 Mar 2021 15:40:45 +0000 (15:40 +0000)]
Avoid NULL access in http_parse_uri()

A malformed URI such as "https://[::1/index.html" causes a NULL access
in the hosttail[1] == ":" check.

ok claudio

3 years agoFix SIOCDELLABEL/"ifconfig mpe0 -mplslabel" to unset label completely
kn [Thu, 18 Mar 2021 14:47:17 +0000 (14:47 +0000)]
Fix SIOCDELLABEL/"ifconfig mpe0 -mplslabel" to unset label completely

While the corresponding route gets removed properly, the driver's softc
kept the old label, i.e. "ifconfig mpe0" would show "mpls: label 42"
instead of "mpls: label (unset)" even though it was unset.

OK claudio

3 years agoDocument SIOCDELLABEL, link among MPLS drivers
kn [Thu, 18 Mar 2021 14:22:04 +0000 (14:22 +0000)]
Document SIOCDELLABEL, link among MPLS drivers

Use of the IOCTL section losely adopted from bridge(4),
the list of ioctls however is still incomplete.

mpw(4) and mpip(4) could use a reference to mpe(4) IOCTL or so,
but this is good enough for starters.

Feedback OK claudio

3 years agoDocument "-tunneldomain" and "-mplslabel", complete MPLS synopsis
kn [Thu, 18 Mar 2021 14:16:38 +0000 (14:16 +0000)]
Document "-tunneldomain" and "-mplslabel", complete MPLS synopsis

OK claudio

3 years agoDo not assign the return value from asprintf (int) to a size_t and then
claudio [Thu, 18 Mar 2021 14:08:01 +0000 (14:08 +0000)]
Do not assign the return value from asprintf (int) to a size_t and then
compare it to -1. Instead use a temp variable and assign to bufsz after
the -1 check.
Also add errx() calls after the switch statements in the FSM functions.
OK job@ tb@

3 years agoInitialize rsyncpid and httppid in the noop case. It seem gcc is not able
claudio [Thu, 18 Mar 2021 14:05:44 +0000 (14:05 +0000)]
Initialize rsyncpid and httppid in the noop case. It seem gcc is not able
to realize that the pids are initialized if !noop and not accessed if noop.
OK job@ tb@

3 years agoSince the entity queues are per repo there is no need to store the repo id
claudio [Thu, 18 Mar 2021 14:03:42 +0000 (14:03 +0000)]
Since the entity queues are per repo there is no need to store the repo id
anymore.
OK job@ tb@

3 years agoRemove duplicate prototype.
bluhm [Thu, 18 Mar 2021 11:17:04 +0000 (11:17 +0000)]
Remove duplicate prototype.

3 years agoType-cast getpagesize() from int to size_t for the comparison with d.
claudio [Thu, 18 Mar 2021 11:16:58 +0000 (11:16 +0000)]
Type-cast getpagesize() from int to size_t for the comparison with d.
getpagesize() will only return positive numbers (there is no negative
page size system) and it can not fail.
Should fix some compiler warnings seen in -portable projects.
OK otto@

3 years agoThe ntpd client code corrects both T1 and T4 with the current offset
bluhm [Thu, 18 Mar 2021 11:06:41 +0000 (11:06 +0000)]
The ntpd client code corrects both T1 and T4 with the current offset
returned by adjtime(2) from the kernel.  T1 is local time when the
NTP packet is sent and T4 when the response is received.  If between
these events a NTP reply from another server is received, it may
change the kernel offset with adjtime(2).  Then the calulation of
the client offset was done with different bases, the result was
wrong and the system time started moving around.
So instead of correcting T1 and T4 individually at different events,
correct their sum once.
Error handling was missing if there is no timestamp in the response.
As this should not happen in our kernel, fatal() is appropriate.
tested by weerd@; OK claudio@

3 years agoIn revision 1.91 of uhidev.c, jcs@ made sure to only detach devices
anton [Thu, 18 Mar 2021 09:21:53 +0000 (09:21 +0000)]
In revision 1.91 of uhidev.c, jcs@ made sure to only detach devices
claiming multiple report ids once. This allows uhidpp to piggy back on
the same functionality making uhidev_unset_report_dev() redundant.

3 years agoregen
mvs [Thu, 18 Mar 2021 08:44:59 +0000 (08:44 +0000)]
regen

3 years agoUnlock sendsyslog(2). Console output still requires kernel lock to be
mvs [Thu, 18 Mar 2021 08:43:38 +0000 (08:43 +0000)]
Unlock sendsyslog(2). Console output still requires kernel lock to be
held but this path is only followed while `syslogf' socket is not set.

New `syslogf_rwlock' used to protect `syslogf' access.

ok bluhm@

3 years agoFix previous (1.258). It breaks if localX itself is an object reference.
yasuoka [Thu, 18 Mar 2021 00:17:26 +0000 (00:17 +0000)]
Fix previous (1.258).  It breaks if localX itself is an object reference.
found and test by Rafael Avila de Espindola

ok kettenis

3 years agoWhen devices have claimed multiple report ids, only detach and send
jcs [Wed, 17 Mar 2021 19:44:16 +0000 (19:44 +0000)]
When devices have claimed multiple report ids, only detach and send
DVACT_DEACTIVATE to them once when walking sc_subdevs.

Fixes a regression reported and tested by Edd Barrett.

Input from and previous version ok anton.

3 years agoMake "ifconfig mpw0 -mplslabel" work
kn [Wed, 17 Mar 2021 18:53:25 +0000 (18:53 +0000)]
Make "ifconfig mpw0 -mplslabel" work

Code is there, noone ever used it, I guess.
This makes ifconfig(8) documentation actually hold true.

OK claudio

3 years agoRead ahead is now enforced for DTLS - remove workarounds.
jsing [Wed, 17 Mar 2021 18:11:01 +0000 (18:11 +0000)]
Read ahead is now enforced for DTLS - remove workarounds.

ok inoguchi@ tb@

3 years agoUse consistent s_server_opt_ prefix.
jsing [Wed, 17 Mar 2021 18:09:50 +0000 (18:09 +0000)]
Use consistent s_server_opt_ prefix.

3 years agoAdd DTLSv1.2 support to openssl(1) s_client/s_server.
jsing [Wed, 17 Mar 2021 18:08:32 +0000 (18:08 +0000)]
Add DTLSv1.2 support to openssl(1) s_client/s_server.

ok inoguchi@ tb@

3 years agofix whitespace nit in previous
tb [Wed, 17 Mar 2021 18:04:21 +0000 (18:04 +0000)]
fix whitespace nit in previous

3 years agoUpdate for DTLSv1.2 being enabled.
jsing [Wed, 17 Mar 2021 17:43:31 +0000 (17:43 +0000)]
Update for DTLSv1.2 being enabled.

3 years agoEnable DTLSv1.2.
jsing [Wed, 17 Mar 2021 17:42:53 +0000 (17:42 +0000)]
Enable DTLSv1.2.

This means that the DTLS_method() will now use DTLSv1.2 rather than DTLSv1.
Additional DTLSv1.2 related symbols and defines will be made publicly
visible in the near future.

ok inoguchi@ tb@

3 years agoUpdate for DTLSv1.2 version handling.
jsing [Wed, 17 Mar 2021 17:23:42 +0000 (17:23 +0000)]
Update for DTLSv1.2 version handling.

3 years agoAdd support for DTLSv1.2 version handling.
jsing [Wed, 17 Mar 2021 17:22:37 +0000 (17:22 +0000)]
Add support for DTLSv1.2 version handling.

This teaches the version functions that handle protocol versions about
DTLSv1.2 and the SSL_OP_NO_DTLS* options. We effectively convert between
TLS and TLS protocol versions where necessary.

ok inoguchi@ tb@

3 years agoList the Qu-c0-hr-b0-48 firmware image in the iwx(4) man page.
stsp [Wed, 17 Mar 2021 16:01:21 +0000 (16:01 +0000)]
List the Qu-c0-hr-b0-48 firmware image in the iwx(4) man page.

3 years agoMake iwx(4) attach to AX201 devices with PCI ID 0x34f0.
stsp [Wed, 17 Mar 2021 15:59:27 +0000 (15:59 +0000)]
Make iwx(4) attach to AX201 devices with PCI ID 0x34f0.

Requires Qu-c0-hr-b0-48 firmware which is available via fw_update(1).

Patch by Fredrik Engberg

3 years agoregen
stsp [Wed, 17 Mar 2021 15:58:51 +0000 (15:58 +0000)]
regen

3 years agoAdd another iwx(4) PCI device ID.
stsp [Wed, 17 Mar 2021 15:58:38 +0000 (15:58 +0000)]
Add another iwx(4) PCI device ID.
Based on a patch by Fredrik Engberg

3 years agoMake iwn(4) send block ack request frames with the firmware node
stsp [Wed, 17 Mar 2021 15:34:21 +0000 (15:34 +0000)]
Make iwn(4) send block ack request frames with the firmware node
which represents the AP, rather than the firmware's broadcast node.

Fixes a problem where firmware would generate bogus block ack requests
with a wrong starting sequence number, shifting the receiver's block ack
window out of sync with that of the firmware. Traffic would stall until
enough frames were sent to wrap sequence numbers of the block ack window.

ok chris@ kmos@

3 years agoSplit off init_ifaces from update_iface. init_ifaces discovers the
florian [Wed, 17 Mar 2021 15:24:04 +0000 (15:24 +0000)]
Split off init_ifaces from update_iface. init_ifaces discovers the
state of the machine on startup using ioctl(2) and getifaddrs(3).
We can then update this state with information provided by route
messages. We still need getifaddrs(3) to check if the layer 2 address
has changed.

This simplifies error handling (what should we do if ioctl(2) fails?),
reduces kernel round trips (no need to ask the kernel again for
information RTM_IFINFO provided already) and prevents a theoretical
race between RTM_IFINFO and getaddrinfo(3).

In a fast link state UP -> DOWN -> UP transition RTM_IFINFO informs us
that the link went down but we were not using this information but
rather looked at getifaddrs(3) information which might see the link as
already up again. We would then do nothing while we should try to get
a new lease.

By storing all interface information in the frontend process we can
skip imsgs to the engine process if we get an RTM_IFINFO without
relevant changes for us.

3 years agoUse correct rdomain when adding/deleting routes
kn [Wed, 17 Mar 2021 14:30:08 +0000 (14:30 +0000)]
Use correct rdomain when adding/deleting routes

mpip(4) always adds and deletes routes in rdomain 0 regardless of the
`tunneldomain', i.e. the `sc_rdomain' value.

mpw(4) adds routes with the specified rdomain but always deletes them
in rdomain 0.

mpe(4) consistently uses the softc's rdomain which is tracked
consistently across the various ioctls -- no fix needed.

Found while reading the code and testing ifconfig(8)'s "tunneldomain" in
order to document MPLS ioctls.

OK claudio

3 years agoFix bit position of ORPHAN in PS_BITS.
visa [Wed, 17 Mar 2021 14:06:54 +0000 (14:06 +0000)]
Fix bit position of ORPHAN in PS_BITS.

3 years agoAdd missing memory clobbers to "data" barriers.
kettenis [Wed, 17 Mar 2021 12:03:40 +0000 (12:03 +0000)]
Add missing memory clobbers to "data" barriers.

3 years agoHide kernel internals from userland by wrapping more bits in _KERNEL blocks.
claudio [Wed, 17 Mar 2021 09:05:42 +0000 (09:05 +0000)]
Hide kernel internals from userland by wrapping more bits in _KERNEL blocks.
Especially the includes of net/rtable.h and sys/queue.h are problematic.
OK florian@

3 years agoNetstat wants to access kernel internal structures for the kvm walker of
claudio [Wed, 17 Mar 2021 09:03:51 +0000 (09:03 +0000)]
Netstat wants to access kernel internal structures for the kvm walker of
the routing table.  Define _KERNEL around the net/route.h include.
OK florian@

3 years agoAlways use an allocated buffer for {Read,Write}Blocks() to make
yasuoka [Wed, 17 Mar 2021 05:41:34 +0000 (05:41 +0000)]
Always use an allocated buffer for {Read,Write}Blocks() to make
efid_io() simpler.  Also fixes the problem on some machines when boot
from CD-ROM.  It happened because the previous version passed
unaligned pointers to the functions even if it is restricted by the
IoAlign property of the media.  idea from kettenis, work with asou

ok kettenis

3 years agoAdd 'grp31' alias for curve25519 as documented in iked.conf(5).
tobhe [Tue, 16 Mar 2021 22:50:52 +0000 (22:50 +0000)]
Add 'grp31' alias for curve25519 as documented in iked.conf(5).

3 years agoNode without a "status" property should be considered enabled as well.
kettenis [Tue, 16 Mar 2021 22:08:55 +0000 (22:08 +0000)]
Node without a "status" property should be considered enabled as well.

Same change made to arm64 a week ago.

3 years agoMake sure that switching the console from serial to framebuffer works
kettenis [Tue, 16 Mar 2021 22:02:27 +0000 (22:02 +0000)]
Make sure that switching the console from serial to framebuffer works
for framebuffer nodes under / and /chosen.

Same change made to arm64 last month.

3 years agoNuke unused time_t variable.
krw [Tue, 16 Mar 2021 20:21:54 +0000 (20:21 +0000)]
Nuke unused time_t variable.

3 years agoMove setifrtlabel() and *keepalive() prototypes out of SMALL
kn [Tue, 16 Mar 2021 19:24:36 +0000 (19:24 +0000)]
Move setifrtlabel() and *keepalive() prototypes out of SMALL

Those commands are not supported under SMALL;  unless I overlooked others,
this should be the last bit to declare all prototypes correctly wrt. SMALL
(the overall unsorted order of both prototypes and commands makes this hard
to spot).

No object change, with and without SMALL.

3 years agosync to unbound 1.13.1; heavy lifting by sthen
florian [Tue, 16 Mar 2021 18:38:05 +0000 (18:38 +0000)]
sync to unbound 1.13.1; heavy lifting by sthen

3 years agoacpi_intr_disestablish() should free its own cookie.
patrick [Tue, 16 Mar 2021 18:31:16 +0000 (18:31 +0000)]
acpi_intr_disestablish() should free its own cookie.

ok kettenis@

3 years agoBump MAXTSIZ to 256MB on i386.
kurt [Tue, 16 Mar 2021 18:04:16 +0000 (18:04 +0000)]
Bump MAXTSIZ to 256MB on i386.

okay deraadt@

3 years agoOn i386 don't attempt to map shared libraries in low memory when
kurt [Tue, 16 Mar 2021 18:03:06 +0000 (18:03 +0000)]
On i386 don't attempt to map shared libraries in low memory when
a large executable's .text section crosses the 512MB exec line.

Executables that have MAXTSIZ > 64MB can map above the default
512MB exec line. When this happens, shared libs that attempt to map
into low memory will find their .data section can not be mapped. ld.so
will attempt to remap the share lib at higher addresses until it can be
mapped. For very large executables like chrome this process is very
time consuming. This change detects how much of the executable's
.text section exceeds 512MB and uses that as the initial hint for
shared libs to map into which avoids attempting to map into blocked
memory.

okay deraadt@

3 years agoDon't (try to) deconfigure an interface that was never configured.
florian [Tue, 16 Mar 2021 17:40:28 +0000 (17:40 +0000)]
Don't (try to) deconfigure an interface that was never configured.

3 years agoWe can't learn anything interesting from RTM_NEWADDR, stop handling
florian [Tue, 16 Mar 2021 17:39:15 +0000 (17:39 +0000)]
We can't learn anything interesting from RTM_NEWADDR, stop handling
it.

3 years agohandle theoretical case of sigfillsz not being pow2-sized on some
deraadt [Tue, 16 Mar 2021 16:32:22 +0000 (16:32 +0000)]
handle theoretical case of sigfillsz not being pow2-sized on some
architecture.
from miod

3 years agoDescribe what happens when RFC 4638 is not supported.
millert [Tue, 16 Mar 2021 13:53:39 +0000 (13:53 +0000)]
Describe what happens when RFC 4638 is not supported.
With help from sthen@.  OK sthen@ jmc@

3 years agoFix some correctness issues in the lowelevel kernel bringup code.
kettenis [Tue, 16 Mar 2021 10:57:47 +0000 (10:57 +0000)]
Fix some correctness issues in the lowelevel kernel bringup code.

- Make sure we install a dummy page table in TTBR0_EL1 before we change
  the size of the VA space in TCR_EL1.

- Flush the TLB after updating TCR_EL1.

- Flush TLB after installing the real kernel page table in TTBR1_EL1.

- Add some barriers around TLB flushes to make it consistent with
  other places where we do TLB flushes.

ok drahn@, patrick@

3 years agoAdd client-detached notification in control mode, from Mohsin Kaleem.
nicm [Tue, 16 Mar 2021 09:14:58 +0000 (09:14 +0000)]
Add client-detached notification in control mode, from Mohsin Kaleem.

3 years agoDo not delete control socket upon exit
kn [Tue, 16 Mar 2021 09:00:43 +0000 (09:00 +0000)]
Do not delete control socket upon exit

The control socket is not unveiled, therefore accounting would report
unveil violations whenever apmd(8) stopped (normally).

As discussed and done with other daemons such as relayd which also employ
no pledge (due to inherent limitations) but unveil effecting all of /,
simply stop removing the socket upon exit and leave it to the next apmd
which completely sets up its control socket anew at startup.

Violations reported by anton
Feedback OK semarie mestre

3 years agoA socket buffer is not the best size to read from a disk.
otto [Tue, 16 Mar 2021 06:44:14 +0000 (06:44 +0000)]
A socket buffer is not the best size to read from a disk.
Use st_blksize to set high water mark; florian@

3 years agodon't let logging clobber errno before use
djm [Tue, 16 Mar 2021 06:15:43 +0000 (06:15 +0000)]
don't let logging clobber errno before use

3 years agoAdd code to acpiiort(4) to look up named components in the IORT and
patrick [Mon, 15 Mar 2021 22:56:48 +0000 (22:56 +0000)]
Add code to acpiiort(4) to look up named components in the IORT and
map them.  This makes ACPI's call to acpi_iommu_device_map() do work
through acpiiort(4).

ok kettenis@

3 years agoChange API of acpiiort(4). It was written as a hook before, taking the
patrick [Mon, 15 Mar 2021 22:48:57 +0000 (22:48 +0000)]
Change API of acpiiort(4).  It was written as a hook before, taking the
PCI attach args and replacing the DMA tag inside.  Our other IOMMU API
though takes a DMA tag and returns the old one or a new one.  To have
acpiiort(4) integrate better with non-PCI ACPI devices, change the API
so that it is more similar to the other API.  This also makes the code
easier to understand.

ok kettenis@

3 years agoAdd acpi_iommu_device_map(), which replaces the DMA tag with one that
patrick [Mon, 15 Mar 2021 22:44:57 +0000 (22:44 +0000)]
Add acpi_iommu_device_map(), which replaces the DMA tag with one that
is blessed with IOMMU magic, if available.  This is mainly for arm64,
since on amd64 and i386 the IOMMU only captures PCIe devices, as far
as I know, which uses the pci_probe_device_hook().  This though is for
non-PCI devices attached through ACPI.

ok kettenis@

3 years agoAdd the IORT structure for named components. These give us the stream ids
patrick [Mon, 15 Mar 2021 22:40:23 +0000 (22:40 +0000)]
Add the IORT structure for named components.  These give us the stream ids
used towards an smmu(4) for non-PCI devices.  The references are provided
as ASCII printable paths.

ok kettenis@

3 years agoWe makes sure that a dh group is required if the local proposal
tobhe [Mon, 15 Mar 2021 22:32:44 +0000 (22:32 +0000)]
We makes sure that a dh group is required if the local proposal
contains an explicit group transform. Override requiredh if one
of the local options is 'none' so that a proposal with no DH
group and on with explicit group 'none' result in a match.

ok patrick@

3 years agoIgnore msg_ke in CREATE_CHILD_SA if DH negotiation results in group
tobhe [Mon, 15 Mar 2021 22:29:17 +0000 (22:29 +0000)]
Ignore msg_ke in CREATE_CHILD_SA if DH negotiation results in group
'none' (disabling PFS).  Fixes a bug when the initiator sends a KE
payload but the negotiation results in DH group "none".
For other DH group mismatches we send an INVALID_KE notify, for 'none'
we can just ignore the KE payload.

ok patrick@

3 years agoClear AUTOCONF6TEMP flag when we detach inet6.
florian [Mon, 15 Mar 2021 17:28:45 +0000 (17:28 +0000)]
Clear AUTOCONF6TEMP flag when we detach inet6.

3 years agoDon't put an extern variable (ppc_kvm_stolen) into vmparam.h, other instances
deraadt [Mon, 15 Mar 2021 15:49:20 +0000 (15:49 +0000)]
Don't put an extern variable (ppc_kvm_stolen) into vmparam.h, other instances
of this file are only doing cpp #define

3 years agoDo not crash if there is no item to show command error, from Anindya
nicm [Mon, 15 Mar 2021 13:06:33 +0000 (13:06 +0000)]
Do not crash if there is no item to show command error, from Anindya
Mukherjee.

3 years agotweaks to system version handling:
espie [Mon, 15 Mar 2021 09:32:04 +0000 (09:32 +0000)]
tweaks to system version handling:
- create an element that accumulates version values  for when we have
several
- actually use compare on version values instead of hardcoding the
difference

no functional change

3 years agospelling
jsg [Mon, 15 Mar 2021 09:29:51 +0000 (09:29 +0000)]
spelling

3 years agoadd a check for system-version, since I tend to reverse comparisons
espie [Mon, 15 Mar 2021 09:26:29 +0000 (09:26 +0000)]
add a check for system-version, since I tend to reverse comparisons

3 years agoAllocate the repo structs individually linked by a SLIST instead of using
claudio [Mon, 15 Mar 2021 08:56:31 +0000 (08:56 +0000)]
Allocate the repo structs individually linked by a SLIST instead of using
an array that is reallocated during runtime. With this the entityq can
move back into struct repo.
OK tb@

3 years agoLog errors with log level info and SPI.
tobhe [Sun, 14 Mar 2021 20:23:43 +0000 (20:23 +0000)]
Log errors with log level info and SPI.

3 years agoSince we are doing getifaddrs() anyway we can get the rdomain out of
florian [Sun, 14 Mar 2021 16:05:50 +0000 (16:05 +0000)]
Since we are doing getifaddrs() anyway we can get the rdomain out of
AF_LINK and skip one ioctl.
OK benno

3 years agomsi-map-mask is a pasto and should be iommu-map-mask.
patrick [Sun, 14 Mar 2021 14:46:52 +0000 (14:46 +0000)]
msi-map-mask is a pasto and should be iommu-map-mask.

From Jared McNeill at NetBSD
ok kettenis@

3 years agoadd HISTORY; from maxim vuets
jmc [Sun, 14 Mar 2021 10:08:38 +0000 (10:08 +0000)]
add HISTORY; from maxim vuets

3 years agoregen
jan [Sun, 14 Mar 2021 01:10:35 +0000 (01:10 +0000)]
regen

3 years agoAdd ID for Intel SSD DC
jan [Sun, 14 Mar 2021 01:09:29 +0000 (01:09 +0000)]
Add ID for Intel SSD DC

ok jsg@

3 years agoUse EXFLAG_INVALID to handle out of memory and parse errors in
tobhe [Sat, 13 Mar 2021 23:01:49 +0000 (23:01 +0000)]
Use EXFLAG_INVALID to handle out of memory and parse errors in
x509v3_cache_extensions().

ok tb@

3 years agoRemove "deletetunnel" (deprecated with 6.4)
kn [Sat, 13 Mar 2021 21:23:29 +0000 (21:23 +0000)]
Remove "deletetunnel" (deprecated with 6.4)

OK deraadt

3 years agoMove all rdomain bits under SMALL
kn [Sat, 13 Mar 2021 21:21:36 +0000 (21:21 +0000)]
Move all rdomain bits under SMALL

"[-]rdomain" commands are ignored under SMALL but their prototypes,
the global and therefore dead print logic are still in.

OK deraadt

3 years agoMove MPLS related function prototypes under SMALL
kn [Sat, 13 Mar 2021 21:14:15 +0000 (21:14 +0000)]
Move MPLS related function prototypes under SMALL

OK deraadt

3 years agobecause the kernel has been replaced after last boot, run kvm_mkdb
deraadt [Sat, 13 Mar 2021 21:11:56 +0000 (21:11 +0000)]
because the kernel has been replaced after last boot, run kvm_mkdb
before the first consumer of kvm_bsd.db

3 years agosync usb_device_info with usb.h, spotted by Enrik Berkhan, and millert@
sthen [Sat, 13 Mar 2021 16:41:47 +0000 (16:41 +0000)]
sync usb_device_info with usb.h, spotted by Enrik Berkhan, and millert@
noticed another change

3 years agoAdvertise 30-bit color support.
kettenis [Sat, 13 Mar 2021 14:02:02 +0000 (14:02 +0000)]
Advertise 30-bit color support.

ok matthieu@, jsg@

3 years agoonly try to set timestamps on files; avoids error with ftp -o /dev/null
sthen [Sat, 13 Mar 2021 11:36:31 +0000 (11:36 +0000)]
only try to set timestamps on files; avoids error with ftp -o /dev/null
ok jca robert

3 years agoWe can use memory marked as EfiBootServicesCode or EfiBootServicesData
kettenis [Sat, 13 Mar 2021 10:09:40 +0000 (10:09 +0000)]
We can use memory marked as EfiBootServicesCode or EfiBootServicesData
as well.

ok drahn@, kn@

3 years agoAdd TEST_SSH_MODULI_FILE variable to allow overriding of the moduli file
dtucker [Sat, 13 Mar 2021 01:52:16 +0000 (01:52 +0000)]
Add TEST_SSH_MODULI_FILE variable to allow overriding of the moduli file
used during the test run.

3 years agoAdd WSDISPLAYIO_DEPTH_30 in order to support 30-bit color support.
kettenis [Fri, 12 Mar 2021 23:42:50 +0000 (23:42 +0000)]
Add WSDISPLAYIO_DEPTH_30 in order to support 30-bit color support.

ok jsg@

3 years agosync
deraadt [Fri, 12 Mar 2021 19:58:47 +0000 (19:58 +0000)]
sync

3 years agomerge unbound-1.13.1
sthen [Fri, 12 Mar 2021 19:45:27 +0000 (19:45 +0000)]
merge unbound-1.13.1

3 years agoupdate to unbound-1.13.1, tested by gnezdo@
sthen [Fri, 12 Mar 2021 19:44:11 +0000 (19:44 +0000)]
update to unbound-1.13.1, tested by gnezdo@

3 years agoINET6_NOPRIVACY is called AUTOCONF6TEMP now, missed during rename.
florian [Fri, 12 Mar 2021 19:35:43 +0000 (19:35 +0000)]
INET6_NOPRIVACY is called AUTOCONF6TEMP now, missed during rename.

3 years agoIn ipw(4), ensure that net80211 is in ASSOC state while we are expecting
stsp [Fri, 12 Mar 2021 17:54:50 +0000 (17:54 +0000)]
In ipw(4), ensure that net80211 is in ASSOC state while we are expecting
an assoc response from the AP during the association sequence. Otherwise
net80211 would ignore the auth response, resulting in a state mismatch
between firmware and net80211. A symptom of this was that WPA didn't work.

Problem reported and fix tested by Ricardo Mottola

3 years agoAdd deprecation warning for autoconfprivacy.
florian [Fri, 12 Mar 2021 17:25:02 +0000 (17:25 +0000)]
Add deprecation warning for autoconfprivacy.
While here check address family for 'temporary' option, only inet6 is
allowed.
OK kn

3 years agoUse RA instead of MiRA in iwn(4).
stsp [Fri, 12 Mar 2021 16:27:27 +0000 (16:27 +0000)]
Use RA instead of MiRA in iwn(4).

Tested by:
iwn 6200: stsp
iwn 6205: cwen, Jeremy O'Brien
iwn 6300: okan

3 years agoUse RA instead of MiRA in iwm(4).
stsp [Fri, 12 Mar 2021 16:27:10 +0000 (16:27 +0000)]
Use RA instead of MiRA in iwm(4).

Tested by:
iwm 7260: florian
iwm 7265: TronDD, Aaron Miller, stsp
iwm 8260: bket
iwm 8265: matthieu, tracey, naddy, Dave Voutila, jcs, Mathieu Kerjouan,
          Matthias Schmidt, stsp
iwm 9260: matthieu, phessler, Darren VanBuren
iwm 9560: Uwe Werler