benno [Tue, 10 Jul 2018 13:06:28 +0000 (13:06 +0000)]
__func__ log statements and some whitespace knf
ok^H^HHmpf, whatever claudio@
kettenis [Tue, 10 Jul 2018 13:05:37 +0000 (13:05 +0000)]
Add a "machine acpi" command to force booting with ACPI enabled.
benno [Tue, 10 Jul 2018 13:03:06 +0000 (13:03 +0000)]
Initialize the rtable in the requests send to bgpd to the current
rtables process. With this you dont need to add "table N" to commands
when talking to a bgpd not in rdomain 0.
ok claudio@ phessler@
benno [Tue, 10 Jul 2018 13:02:14 +0000 (13:02 +0000)]
move the top level pledge, getrtable() works with pledge stdio.
ok claudio@ phessler@
henning [Tue, 10 Jul 2018 13:01:38 +0000 (13:01 +0000)]
in pf_set_protostate(), only decrement the half-open states counter when
the state was created on this host, i. e. not for those pfsync-imported.
whether pfsync-imported states should be accounted is a seperate discussion,
but as things are, we only increment the counter in pf_create_state(), and
imported states don't excercise that path.
probably fixes the half-open states accounting underflow-wraparounds that
some people have been seeing.
ok sashan
benno [Tue, 10 Jul 2018 12:40:41 +0000 (12:40 +0000)]
You can run multiple copies of bgpd in seperate rdomains.
However, the processes will see each others route messages. Some
structures are not initialized correctly for that, causing at least
useless log messages.
This is an attempt to use the default_tableid where its needed.
A few hardcoded uses of rtable 0 remain.
ok claudio@
benno [Tue, 10 Jul 2018 12:38:50 +0000 (12:38 +0000)]
the check "if (nc->rtableid)"
is used as an indicator that we are dealing with network statements from within
rdomain <n> { } blocks.
That needs to check against the rdomain we are running in instead.
ok claudio@
friehm [Tue, 10 Jul 2018 12:17:38 +0000 (12:17 +0000)]
If intra area prefixes move from one router to another router, cloning routes
may become gateway routes and contrary. The kernel does not allow to change the
flags RTF_GATEWAY / RTF_CLONING in RTM_CHANGE messages, but ospf6d tried this
anyway. The result is a broken route.
Instead of modifying such routes remove the old route and insert a new one.
Thanks to Raimund Specht for reporting the problem and testing the fix.
OK claudio@
friehm [Tue, 10 Jul 2018 11:49:04 +0000 (11:49 +0000)]
Since we use multiple cloning routes (mpath) if more than one ip address
exists in the same network, the routes are distinguished by their gateway
address, which is the associated interface address.
The ospfd has to track the gateway addresses so that kroute_matchgw() is able to
find the correct routes.
OK claudio@
mpi [Tue, 10 Jul 2018 11:34:12 +0000 (11:34 +0000)]
Introduce new IPsec (per-CPU) statistics and refactor ESP input
callbacks to be able to count dropped packet.
Having more generic statistics will help troubleshooting problems
with specific tunnels. Per-TDB counters are coming once all the
refactoring bits are in.
ok markus@
friehm [Tue, 10 Jul 2018 11:22:54 +0000 (11:22 +0000)]
Remove DELAY(1000) from carp_send_arp() / carp_send_na() since it is not clear
why it was necessary.
OK bluhm@
'ok but watch for fallouts' mpi@
deraadt [Tue, 10 Jul 2018 11:00:11 +0000 (11:00 +0000)]
sync
friehm [Tue, 10 Jul 2018 10:55:21 +0000 (10:55 +0000)]
Let kroute_matchgw() select the correct route before checking flags.
OK claudio@
espie [Tue, 10 Jul 2018 10:37:59 +0000 (10:37 +0000)]
unify option parsing a bit more
espie [Tue, 10 Jul 2018 10:37:33 +0000 (10:37 +0000)]
zap old comments that are unlikely to ever come back
espie [Tue, 10 Jul 2018 10:20:51 +0000 (10:20 +0000)]
zap really old stuff
espie [Tue, 10 Jul 2018 10:18:34 +0000 (10:18 +0000)]
remove remnants of very old code, to simplify unification
bluhm [Tue, 10 Jul 2018 10:17:42 +0000 (10:17 +0000)]
In free(9) call wakeup() after mtx_leave() consistently.
OK kettenis@ visa@ mpi@
bluhm [Tue, 10 Jul 2018 10:02:14 +0000 (10:02 +0000)]
After removing raw_usrreq() from route and pfkey, the global sockaddr
variables can be delared constant.
OK claudio@ mpi@
benno [Tue, 10 Jul 2018 09:55:14 +0000 (09:55 +0000)]
dont let rtable number overflow,
we only support up to RT_TABLEID_MAX rtables
ok henning@, claudio@, phessler@
jasper [Tue, 10 Jul 2018 09:46:18 +0000 (09:46 +0000)]
s/ITUNER/MICROCHIP/ following usbdevs -r1.689
jasper [Tue, 10 Jul 2018 09:45:33 +0000 (09:45 +0000)]
regen
jasper [Tue, 10 Jul 2018 09:44:01 +0000 (09:44 +0000)]
replace the Ituner vendor with Microchip to match Linux at least
ok mpi@
sf [Tue, 10 Jul 2018 09:36:58 +0000 (09:36 +0000)]
re-remove some pre-auth compression bits
This time, make sure to not remove things that are necessary for
pre-auth compression on the client. Add a comment that pre-auth
compression is still supported in the client.
ok markus@
mpi [Tue, 10 Jul 2018 09:35:27 +0000 (09:35 +0000)]
Include <sys/queue.h> instead of relying on kernel headers to include
it.
ok markus@ as part of a larger diff
halex [Tue, 10 Jul 2018 09:33:34 +0000 (09:33 +0000)]
simplify and properly quote the loading of soii key generation material,
and move it into enable_network()
ok florian tb, long ago
henning [Tue, 10 Jul 2018 09:31:07 +0000 (09:31 +0000)]
document set delay
henning [Tue, 10 Jul 2018 09:30:49 +0000 (09:30 +0000)]
'set delay' for the generic packet delay mechanism, ok benno sashan
henning [Tue, 10 Jul 2018 09:30:13 +0000 (09:30 +0000)]
if_enqueue: call pf_delay_pkt() if m_pkthdr.pf.delay is set
ok benno sashan
henning [Tue, 10 Jul 2018 09:28:27 +0000 (09:28 +0000)]
provide a generic packet delay functionality. packets to be delayed are marked
by pf in the packet header. pf_delay_pkt reads the delay value from the packet
header, schedules a timeout and re-queues the packet when the timeout fires.
ok benno sashan
mpi [Tue, 10 Jul 2018 09:18:36 +0000 (09:18 +0000)]
Print USB port status/changes in verbose++ mode.
While here align the driver name with the new output.
mpi [Tue, 10 Jul 2018 09:17:03 +0000 (09:17 +0000)]
Change USB_DEVICEINFO to report USB port status/changes as currently
seen by the stack.
This will allows us to debug port status changes without relying on
external tools, like lsusb(1), that generate I/O.
While here correct USB3 LS port defines.
djm [Tue, 10 Jul 2018 09:13:30 +0000 (09:13 +0000)]
kerberos/gssapi fixes for buffer removal
claudio [Tue, 10 Jul 2018 09:12:52 +0000 (09:12 +0000)]
Switch also the aspath in rde_update_dispatch() to one on the stack.
Simplifies the code a bit.
OK denis@ phessler@
schwarze [Tue, 10 Jul 2018 09:10:03 +0000 (09:10 +0000)]
Disentangle the "SED ADDRESSES", "SED REGULAR EXPRESSIONS",
and "s/// command" sections and clarify what an escaped delimiter
does inside regular expressions and inside character classes.
Joint work with martijn@, no objection from jmc@.
espie [Tue, 10 Jul 2018 09:05:47 +0000 (09:05 +0000)]
rename some pkg checking tools
jca [Tue, 10 Jul 2018 09:05:11 +0000 (09:05 +0000)]
Add "listenrepv2" for MLDv2 Listener Reports from RFC3810
ok benno@
mlarkin [Tue, 10 Jul 2018 09:04:22 +0000 (09:04 +0000)]
vmm(4): remove a wrong comment
mpi [Tue, 10 Jul 2018 08:58:50 +0000 (08:58 +0000)]
Move socket & pipe specific logic in their ioctl handler.
ok visa@, tb@
guenther [Tue, 10 Jul 2018 08:57:44 +0000 (08:57 +0000)]
Drop the ignored selectors (tf_[defg]s) from the trap and interrupt frames.
ok mlarkin@ deraadt@ mpi@ kettenis@
kn [Tue, 10 Jul 2018 08:44:55 +0000 (08:44 +0000)]
fix anchor rules with filter opts, introduce filteropts_to_rule()
Some filter options were parsed but not set on anchor rules due to missing
copies of the respective struct members:
$ cat pf.conf
queue rq on trunk0 bandwidth 1G
queue dq parent rq bandwidth 1G default
anchor a set queue dq
$ pfctl -vnf pf.conf | fgrep queue
anchor "a" all
Fix this by moving common code from `anchorrule' and `pfrule' into a new
helper filteropts_to_rule().
Input from henning and benno
OK henning sashan jca
mlarkin [Tue, 10 Jul 2018 08:40:20 +0000 (08:40 +0000)]
vmd(8): route ELCR handler to the right function
mpi [Tue, 10 Jul 2018 08:08:00 +0000 (08:08 +0000)]
Missing CVS Id
benno [Tue, 10 Jul 2018 08:00:09 +0000 (08:00 +0000)]
compare the right things here: we want to know if the flag has changed.
Found with claudios help and patience.
ok phessler@ claudio@
benno [Tue, 10 Jul 2018 07:58:13 +0000 (07:58 +0000)]
Actually clear the right thing in rib_free()
Found by and with claudio.
ok phessler@ claudio@
djm [Tue, 10 Jul 2018 06:45:29 +0000 (06:45 +0000)]
buffer.[ch] and bufaux.c are no more
djm [Tue, 10 Jul 2018 06:43:52 +0000 (06:43 +0000)]
one mention of Buffer that almost got away :)
guenther [Tue, 10 Jul 2018 04:19:59 +0000 (04:19 +0000)]
Move from sendsig() to its callers the initsiginfo() calls and
instead of passing sendsig() the code+type+val, pass a siginfo_t*
to copy from. Eliminate the indirection through struct emul for
sendsig(); we no longer have a SunOS4-compat version of sendsig()
ok deraadt@
jsg [Tue, 10 Jul 2018 03:23:11 +0000 (03:23 +0000)]
Xr pci(4)
jsg [Tue, 10 Jul 2018 03:19:18 +0000 (03:19 +0000)]
sync arm64 and armv7 pci
jsg [Tue, 10 Jul 2018 03:07:15 +0000 (03:07 +0000)]
build pcidump on armv7
dlg [Tue, 10 Jul 2018 00:38:52 +0000 (00:38 +0000)]
move the verbose checksum info back after the colon.
requested by bluhm@ as it broke some regress tests for no good
reason.
mlarkin [Mon, 9 Jul 2018 22:07:14 +0000 (22:07 +0000)]
vmm(4): prohibit setting/clearing invalid bits in %cr0/%cr4. This was
previously caught later but resulted in a guest termination, now we
use #GP as the SDM recommends.
markus [Mon, 9 Jul 2018 21:59:10 +0000 (21:59 +0000)]
replace cast with call to sshbuf_mutable_ptr(); ok djm@
markus [Mon, 9 Jul 2018 21:56:06 +0000 (21:56 +0000)]
remove legacy buffer API emulation layer; ok djm@
markus [Mon, 9 Jul 2018 21:53:45 +0000 (21:53 +0000)]
sshd: switch monitor to sshbuf API; lots of help & ok djm@
markus [Mon, 9 Jul 2018 21:37:55 +0000 (21:37 +0000)]
sshd: switch GSSAPI to sshbuf API; ok djm@
markus [Mon, 9 Jul 2018 21:35:50 +0000 (21:35 +0000)]
sshd: switch authentication to sshbuf API; ok djm@
markus [Mon, 9 Jul 2018 21:29:36 +0000 (21:29 +0000)]
sshd: switch config to sshbuf API; ok djm@
markus [Mon, 9 Jul 2018 21:26:02 +0000 (21:26 +0000)]
sshd: switch loginmsg to sshbuf API; ok djm@
markus [Mon, 9 Jul 2018 21:20:26 +0000 (21:20 +0000)]
ttymodes: switch to sshbuf API; ok djm@
markus [Mon, 9 Jul 2018 21:18:10 +0000 (21:18 +0000)]
client: switch mux to sshbuf API; with & ok djm@
markus [Mon, 9 Jul 2018 21:03:30 +0000 (21:03 +0000)]
client: switch to sshbuf API; ok djm@
deraadt [Mon, 9 Jul 2018 20:59:07 +0000 (20:59 +0000)]
sync
markus [Mon, 9 Jul 2018 20:39:28 +0000 (20:39 +0000)]
pkcs11: switch to sshbuf API; ok djm@
jmc [Mon, 9 Jul 2018 20:38:15 +0000 (20:38 +0000)]
no more i386_vm86.2;
jasper [Mon, 9 Jul 2018 20:09:00 +0000 (20:09 +0000)]
sprinkle comments and rename iface to match its use to ctl_iface_idx
ok abieber@
jasper [Mon, 9 Jul 2018 20:06:12 +0000 (20:06 +0000)]
use UE_GET_XFERTYPE(); no binary change
bluhm [Mon, 9 Jul 2018 20:02:18 +0000 (20:02 +0000)]
Fix trailing whitespaces and too long line.
tb [Mon, 9 Jul 2018 19:51:18 +0000 (19:51 +0000)]
Move a detail on tls_connect(3) to its documentation and be a bit more
explicit about the servername argument of tls_connect_servername(3).
input & ok jsing, input & ok schwarze on earlier version
tb [Mon, 9 Jul 2018 19:47:20 +0000 (19:47 +0000)]
wording tweak for tls_init() from jsing
ok jsing, schwarze
kettenis [Mon, 9 Jul 2018 19:38:33 +0000 (19:38 +0000)]
Mark the i8254 clock interrupt MPSAFE. It isn't, but it doesn't matter
as it is impossoble to run an anything but a single-CPU machine with it.
ok mpi@, guenther@
deraadt [Mon, 9 Jul 2018 19:38:29 +0000 (19:38 +0000)]
ensure tape name and tape commands are not too long. passing too long
commands to the other side could cause problems.
ok guenther tb
guenther [Mon, 9 Jul 2018 19:20:29 +0000 (19:20 +0000)]
Delete the VM86 kernel option and i386_vm86(3) API: it's required
a custom kernel for over 20 years.
testing mlarkin@
ok deraadt@ phessler@ jca@ matthieu@
deraadt [Mon, 9 Jul 2018 18:58:11 +0000 (18:58 +0000)]
sync
patrick [Mon, 9 Jul 2018 18:50:38 +0000 (18:50 +0000)]
Enable pcagpio(4).
patrick [Mon, 9 Jul 2018 18:48:52 +0000 (18:48 +0000)]
Strip down the (not enabled) pcagpio(4) GPIO extender. This removes
the sensors code and user-controllable GPIO bus attachment but at the
same time hooks pcagpio(4) into the OFW GPIO framework so that it can
be used by other device tree based drivers.
Discussed with deraadt@
ok kettenis@
jmc [Mon, 9 Jul 2018 18:27:58 +0000 (18:27 +0000)]
these pages don;t need Bk/Ek;
order the options in pkg_outdated;
jmc [Mon, 9 Jul 2018 18:23:51 +0000 (18:23 +0000)]
out-of-date -> pkg_outdated;
deraadt [Mon, 9 Jul 2018 17:19:59 +0000 (17:19 +0000)]
sync
espie [Mon, 9 Jul 2018 17:18:56 +0000 (17:18 +0000)]
out-of-date -> pkg_outdated
claudio [Mon, 9 Jul 2018 16:51:29 +0000 (16:51 +0000)]
Inline the raw_usrreq() function into pfkeyv2_usrreq(). Similar to the
change to rtsock.c. This simplifies the pfkey code since there is no special
wrapping needed and in general the PRU cases get easier.
OK bluhm@ henning@ mpi@
claudio [Mon, 9 Jul 2018 16:49:36 +0000 (16:49 +0000)]
Inline the raw_usrreq() function into route_usrreq(). This simplifies the
route code since there is no more special wrapping needed and in some
places the PRU cases get easier because route(4) for example always connected.
OK bluhm@ henning@ mpi@
patrick [Mon, 9 Jul 2018 16:30:13 +0000 (16:30 +0000)]
Basic support for SFP modules in mvneta(4). SFP modules are basically
hotpluggable PHYs whose status can either be read using an I2C-connected
PHY, or using in-band status management implemented in the controller
itself over SGMII. With this, 802.3z SFPs work on mvneta(4).
bluhm [Mon, 9 Jul 2018 16:20:33 +0000 (16:20 +0000)]
Clear the part of fenv that is modified by old AMD Opteron during
process startup.
from guenther@
rpe [Mon, 9 Jul 2018 16:12:23 +0000 (16:12 +0000)]
Rename the THESETS variable to ALLSETS because it holds the list
of all legitimate OpenBSD set files. That helps to better understand
the code in context.
OK halex krw tb
mlarkin [Mon, 9 Jul 2018 16:11:37 +0000 (16:11 +0000)]
vmd(8): deassert interrupt pins in the PIC at the right times. Helps fix
situations where vmd gets stuck at 100% cpu usage because the guest VM
is constantly trying to ack interrupts that already occurred.
tested by phessler on a VM that used to exhibit the issue.
ok phessler
mlarkin [Mon, 9 Jul 2018 16:07:55 +0000 (16:07 +0000)]
vmd(8): better debug message in a failure case
claudio [Mon, 9 Jul 2018 15:35:59 +0000 (15:35 +0000)]
Wrong function name in error message
jmc [Mon, 9 Jul 2018 15:34:10 +0000 (15:34 +0000)]
resolve-lib -> port-resolve-lib-helper;
kn [Mon, 9 Jul 2018 15:07:06 +0000 (15:07 +0000)]
Zap dead code
Commented since r1.465 (2004).
OK deraadt benno jca sashan
espie [Mon, 9 Jul 2018 14:53:30 +0000 (14:53 +0000)]
resolve-lib -> port-resolve-lib-helper
espie [Mon, 9 Jul 2018 14:51:15 +0000 (14:51 +0000)]
do cleanup after tags, as noticed by aja@
kettenis [Mon, 9 Jul 2018 14:46:08 +0000 (14:46 +0000)]
Nack LDC protocol versions that we don't support. Avoids a hang on SPARC T3
systems (and possible newer systems as well).
claudio [Mon, 9 Jul 2018 14:44:02 +0000 (14:44 +0000)]
Move the max prefix checker into rde_update_update() instead of doing it
3 times outside.
OK sthen@
jca [Mon, 9 Jul 2018 14:11:00 +0000 (14:11 +0000)]
Kill fluff about how route(8) is of limited usefulness
Don't say that route(8) is mostly useful to set up a default route,
which is almost a lie. What's more, I'm not sure new users struggling
with route(8) should be pointed to ripd(8) (sic) or bgpd(8) as
a solution to their problems. ok benno@ kn@
schwarze [Mon, 9 Jul 2018 14:10:58 +0000 (14:10 +0000)]
Unify and disambiguate various aspects of the terminology, clarify
that there is only one softraid(4) controller (called softraid0), and
clarify that you cannot add or delete chunks, but merely replace them.
Tweaks and OK jsing@, and OK henning@ on a previous version.
claudio [Mon, 9 Jul 2018 14:08:48 +0000 (14:08 +0000)]
Introduce a struct filterstate and pass this to rde_filter instead of
passing the asp. This is no longer using asp_get() and should be therefor
be a bit lighter. Will also allow to put more stuff into the state.
OK denis@ sthen@
kettenis [Mon, 9 Jul 2018 14:01:13 +0000 (14:01 +0000)]
Add a phandle to v2m nodes.
espie [Mon, 9 Jul 2018 13:57:13 +0000 (13:57 +0000)]
move helper script to a more sensible name