summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Enable clocks and adjust for removal of subnodes in upstream Linuxkettenis2021-02-141-2/+4
| | | | device trees.
* Enable clocks.kettenis2021-02-141-1/+4
|
* Raise match priority to beat syscon(4).kettenis2021-02-141-39/+81
| | | | | | | Use the right clock for the Cortex-A7 cores. Support CPU clocks and remove exclock_cpuspeed(). ok patrick@
* regenkettenis2021-02-142-2/+12
|
* Add a few more devices that show up on the Apple M1 mini.kettenis2021-02-141-1/+3
| | | | ok patrick@, deraadt@
* distrib: restore rdsetroot -x usage (extract the disk.fs image) on stripped bsd.rdsemarie2021-02-149-19/+37
| | | | | | | | It passes options to keep rd_root_size and rd_root_image symbols while stripping. These symbols are the ones used by rdsetroot to insert or extract disk image into RAMDISK. ok danj@ deraadt@
* distrib: use ${MACHINE} instead of hardcoded valuesemarie2021-02-148-50/+50
| | | | ok deraadt@
* Shuffle how lldb register contexts are built.mortimer2021-02-149-29/+48
| | | | | | | | | | | | Instead of using #if defined(__arch__) to include / exclude the entire contents of the NativeRegisterContext implementations, use a single NativeRegisterContextOpenBSD_arch which includes the right arch specific register context, and provides a dummy implementation for unsupported architectures. This allows building lldb on architectures which do not have a register context implementation so it can be used as a remote client. ok patrick@
* Postpone installation of the periodic sensor task until at least oneanton2021-02-141-2/+4
| | | | device has connected.
* Bail out earlier during attach if no devices are paired with theanton2021-02-141-4/+7
| | | | receiver.
* Enumerate all features supported by a device on connect.anton2021-02-141-6/+93
| | | | Should help diagnose various reports regarding missing battery sensors.
* Introduce variables to deal with bit layout differences in the UFSTATkettenis2021-02-141-9/+26
| | | | | | | | | register. Use 32-bit reads and writes to access the URXH and UTXH registers. They're documented as 32-bit registers in the Exynos 4 and Exynos 5 User Manuals and accessing URXH with an 8-bit read triggers a fault on Apple's M1 SoC. ok patrick@
* Recent device trees have the syscon-reboot and syscon-poweroff nodes askettenis2021-02-142-11/+22
| | | | | | | children of the node claimed by expower(4). That node also fained a "syscon" compatible in the process. Deal with these changes, ok patrick@
* correct drm work flush behaviourjsg2021-02-142-6/+10
| | | | | | | | | Don't set taskq to system_wq in INIT_WORK(). Test if taskq pointer is non-NULL before calling taskq_barrier() in flush functions. fixes a black screen on boot problem with 5.10.y drm using nano x1 bisected by jcs@ to 'drm/i915: Always flush the active worker before returning from the wait'
* Cleanup lldb amd64 support.mortimer2021-02-134-474/+213
| | | | | | | | | | | | | | | | - Remove watchpoint support since we do not support hardware watchpoints. - Support floating point regsisters in the ReadAll/WriteAll interface. - Standardize the sizes used in GerGPRSize() and GetFPRSize() to correspond to the sizes we get from ptrace. - Fix the r/w of the mmx registers to map onto the st fp registers instead of xmm registers. - Normalize some variable names to be architecture neutral. ok patrick@
* distrib: remove .comment section systematicallysemarie2021-02-135-10/+6
| | | | | | | remove this section as part of crunchgen generated commands. it avoids calling "strip -R .comment" for some but not all architectures. ok deraadt@ danj@
* distrib: remove .SUNW_ctf only on kernelssemarie2021-02-137-18/+18
| | | | | | the .SUNW_ctf section is added by ctfstrip(1), which is only used for kernels. ok deraadt@ danj@
* distrib: merge "cp a b; strip b" to "objcopy -S a b"semarie2021-02-1310-38/+24
| | | | ok deraadt@ danj@
* distrib: remove duplicate strip(1) callssemarie2021-02-136-16/+6
| | | | | | | | | | | "strip -R section" command run "strip" (without option) as well. there is no need to call both. (binaries checked with sha1) original diff from danj@ ok deraadt@
* distrib: merge objcopy -Sg and strip commandssemarie2021-02-132-6/+4
| | | | | | | | | | | in the command "objcopy -Sg", the -g option (STRIP_DEBUG) overrides the -S option (STRIP_ALL). so it is the same as "objcopy -g". "strip" command without option is doing STRIP_ALL. merge the both commands to "objcopy -S" ok deraadt@ danj@
* distrib: remove STRIPOPTS variable from alpha and sparc64 Makefilesemarie2021-02-132-9/+5
| | | | ok deraadt@ danj@
* Revise cnmac(4)'s address filter setupvisa2021-02-134-114/+47
| | | | | | | | | Set up the DMAC filter in one go instead of doing it separately for unicast and multicast DMACs. This attempts to make the code a little more readable. The setup should now run a bit faster as well because it now does fewer register accesses. Tested on CN5020, CN6120 and CN7130.
* Add dynamic address configuration for roadwarrior clients.tobhe2021-02-1310-18/+751
| | | | | | | | | The new 'iface' config option can be used to specify an interface for the virtual addresses received from the peer. Routes are automatically added based on the configured flows. Input from sthen@ and claudio@ ok patrick@
* -h does not display version; from larry hynesjmc2021-02-131-3/+3
|
* readability fixes; from larry hynesjmc2021-02-131-4/+4
|
* various readability fixes; from larry hynesjmc2021-02-131-19/+19
|
* Fix some wrong comments and KNF/long line wrapsmlarkin2021-02-131-5/+8
|
* Fix a commentmlarkin2021-02-131-2/+2
|
* Remove trailing whitespacemlarkin2021-02-131-14/+14
| | | | No code/functional change
* Remove trailing whitespacemlarkin2021-02-131-6/+6
| | | | No code/functional change
* various readability fixes; from larry hynesjmc2021-02-131-6/+6
|
* add some missing articles; from larry hynesjmc2021-02-131-3/+4
|
* readability fix; from larry hynesjmc2021-02-131-4/+4
|
* comma swap; from larry hynesjmc2021-02-131-4/+4
|
* change documented drm nodes to /dev/dri/ and mention powerpc64jsg2021-02-131-5/+5
|
* Fix local and peer addresses in policy lookup for dangling SAstobhe2021-02-121-3/+3
| | | | | | after ikectl reload. ok patrick@
* syncderaadt2021-02-121-4/+0
|
* Some people still argue that rand(3) and random(3) have suitable deterministicderaadt2021-02-122-4/+10
| | | | | | | | | | | use cases, so explain the situation a bit more. Since the 80's, I estimate around 5 algorithm changes, so any chosen seed is unrepeatable UB. +The deterministic sequence algorithm changed a number of times since +original development, is underspecified, and should not be relied upon to +remain consistent between platforms and over time. ok jmc kettenis
* pf_remove_divert_state() is an entry point into pf, modifying the pf statepatrick2021-02-121-1/+7
| | | | | | | table. Hence we have to grab both the pf lock and the pf state lock. Found by dlg@ ok bluhm@ sashan@
* Xr to ssl(8) which has clues about EC key generation that are still usefulsthen2021-02-121-3/+4
| | | | to acme-client users.
* Tweak ssl(8)'s text about EC generation. Streamline by using "ecparamsthen2021-02-121-16/+23
| | | | | | | | | | -genkey" rather than separately generating parameters and key. Give a clue that some CAs accept only prime256v1. Show the user where to stop if they're just generating a private key for acme-client and therefore don't need to generate a csr or cert manually. Add xr to acme-client(1) suggest by tb@. ok jmc tb
* Fix null pointer dereference in pf_route6(). Embedding scope intobluhm2021-02-121-3/+1
| | | | | | addresses that come from pf cannot be right, so remove the code. Coverity CID 1501718 OK dlg@ claudio@
* Sync cert.pem with Mozilla NSS root CAs, except "GeoTrust Global CA", ok tb@sthen2021-02-121-659/+417
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Notably this update removes various old Symantec roots (GeoTrust, thawte, VeriSign) that were set in NSS to be distrusted on 1/1/2021. Nobody should have been using these for years; only certain subCAs signed by these were valid in NSS in that time due to an exemption: https://wiki.mozilla.org/CA/Additional_Trust_Changes#Symantec Notably Apple's "Apple IST CA 2 - G1" which is still in use for some endpoints (it is cross signed by another CA too but these endpoints are publishing the GeoTrust intermediate cert). So for now I have skipped removal of "GeoTrust Global CA" to avoid affecting these sites. Debian ran into this when they updated their cert database and had to back this part out, affected sites are not reachable on Android Firefox and maybe other newer Firefoxes. Some sites that were affected have moved to a different CA in the last few days but others, notably api.push.apple.com, remain (I can only guess that there is a complicated problem involved, possibly cert pinning on old devices - the clock is ticking though as this expires in May 2022 anyway ;) Additions: /C=RO/O=CERTSIGN SA/OU=certSIGN ROOT CA G2 /C=HU/L=Budapest/O=Microsec Ltd./2.5.4.97=VATHU-23584497/CN=e-Szigno Root CA 2017 /C=KR/O=NAVER BUSINESS PLATFORM Corp./CN=NAVER Global Root Certification Authority /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global Certification Authority /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P256 Certification Authority /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P384 Certification Authority Removals: /C=US/O=GeoTrust Inc./CN=GeoTrust Primary Certification Authority /C=US/O=GeoTrust Inc./CN=GeoTrust Universal CA /C=US/O=GeoTrust Inc./CN=GeoTrust Universal CA 2 /C=US/O=GeoTrust Inc./OU=(c) 2008 GeoTrust Inc. - For authorized use only/CN=GeoTrust Primary Certification Authority - G3 /C=TW/O=Government Root Certification Authority /C=LU/O=LuxTrust S.A./CN=LuxTrust Global Root 2 /C=US/O=thawte, Inc./OU=(c) 2007 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA - G2 /C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA /C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2008 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA - G3 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G3 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2007 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G4 /C=CH/O=WISeKey/OU=Copyright (c) 2005/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GA CA
* A few more flag combo's to testotto2021-02-121-2/+14
|
* syncjsg2021-02-1214-69/+189
|
* create /dev/ drm nodes with the same names as linuxjsg2021-02-1214-14/+39
| | | | | | | | | | | | | | | | This was proposed by Emil Velikov to simplify libdrm and will remove the need for some patches in ports. /dev/drm0 -> /dev/dri/card0 /dev/drmR128 -> /dev/dri/renderD128 The previous names will remain for a period of time and will later be removed. Major and minor numbers remain the same. libdrm will not be changed to use the new names until known privsep and sandbox use has been updated to allow the new names. ok deraadt@
* do not need 66 keys anymorederaadt2021-02-124-8/+0
|
* Do not care about the server socket closing if exiting anyway.nicm2021-02-122-5/+7
|
* sftp: add missing lsetstat@openssh.com documentationdjm2021-02-123-13/+39
| | | | patch from Mike Frysinger
* factor SSH_AGENT_CONSTRAIN_EXTENSION parsing into its own functiondjm2021-02-121-41/+59
| | | | and remove an unused variable; ok dtucker@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.