Now
MAIN commitmail json YAML
apei(4): Fix register chunk counting.
Now it will actually read and write the registers!
Have been updating and reloading the wrong module to test this, oops.
PR kern/58046
Now it will actually read and write the registers!
Have been updating and reloading the wrong module to test this, oops.
PR kern/58046
MAIN commitmail json YAML
src/distrib/sets/lists/debug/module.md.amd64@1.16
/
diff
/
nxr@1.16
src/distrib/sets/lists/debug/module.md.i386@1.10 / diff / nxr@1.10
src/distrib/sets/lists/modules/md.amd64@1.102 / diff / nxr@1.102
src/distrib/sets/lists/modules/md.i386@1.99 / diff / nxr@1.99
src/share/man/man4/acpihed.4@1.1 / diff / nxr@1.1
src/share/man/man4/apei.4@1.2 / diff / nxr@1.2
src/sys/arch/amd64/conf/ALL@1.186 / diff / nxr@1.186
src/sys/arch/i386/conf/ALL@1.517 / diff / nxr@1.517
src/sys/dev/acpi/acpi_hed.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/files.acpi@1.132 / diff / nxr@1.132
src/sys/modules/Makefile@1.284 / diff / nxr@1.284
src/sys/modules/acpihed/Makefile@1.1 / diff / nxr@1.1
src/sys/modules/acpihed/acpihed.ioconf@1.1 / diff / nxr@1.1
src/distrib/sets/lists/debug/module.md.i386@1.10 / diff / nxr@1.10
src/distrib/sets/lists/modules/md.amd64@1.102 / diff / nxr@1.102
src/distrib/sets/lists/modules/md.i386@1.99 / diff / nxr@1.99
src/share/man/man4/acpihed.4@1.1 / diff / nxr@1.1
src/share/man/man4/apei.4@1.2 / diff / nxr@1.2
src/sys/arch/amd64/conf/ALL@1.186 / diff / nxr@1.186
src/sys/arch/i386/conf/ALL@1.517 / diff / nxr@1.517
src/sys/dev/acpi/acpi_hed.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/files.acpi@1.132 / diff / nxr@1.132
src/sys/modules/Makefile@1.284 / diff / nxr@1.284
src/sys/modules/acpihed/Makefile@1.1 / diff / nxr@1.1
src/sys/modules/acpihed/acpihed.ioconf@1.1 / diff / nxr@1.1
acpihed(4): New driver for PNP0C33 to notify apei(4).
PNP0C33 denotes the ACPI Hardware Error Device, which exists only to
be a vector for event notifications.
PR kern/58046
PNP0C33 denotes the ACPI Hardware Error Device, which exists only to
be a vector for event notifications.
PR kern/58046
MAIN commitmail json YAML
apei(4): Note some TODOs for EINJ and HEST.
No functional change intended, comments only.
PR kern/58046
No functional change intended, comments only.
PR kern/58046
MAIN commitmail json YAML
apei(4): Fix parsing checks for TRIGGER_ERROR action table.
The TableSize is size of the header plus the body, not just the body.
PR kern/58046
The TableSize is size of the header plus the body, not just the body.
PR kern/58046
MAIN commitmail json YAML
apei(4): Tweak some comments about the APEI interpreter language.
No functional change intended.
PR kern/58046
No functional change intended.
PR kern/58046
MAIN commitmail json YAML
apei(4): Pacify -Wsign-compare.
Assert that the parsing made forward progress too while here.
PR kern/58046
Assert that the parsing made forward progress too while here.
PR kern/58046
MAIN commitmail json YAML
src/distrib/sets/lists/debug/module.md.amd64@1.15
/
diff
/
nxr@1.15
src/distrib/sets/lists/debug/module.md.i386@1.9 / diff / nxr@1.9
src/distrib/sets/lists/modules/md.amd64@1.101 / diff / nxr@1.101
src/distrib/sets/lists/modules/md.i386@1.98 / diff / nxr@1.98
src/share/man/man4/apei.4@1.1 / diff / nxr@1.1
src/sys/arch/amd64/conf/ALL@1.185 / diff / nxr@1.185
src/sys/arch/i386/conf/ALL@1.516 / diff / nxr@1.516
src/sys/dev/acpi/apei.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_bert.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_bertvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_cper.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_einj.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_einjvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_erst.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_erstvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hed.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hest.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hestvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_interp.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_interp.h@1.1 / diff / nxr@1.1
:
(more 9 files)
src/distrib/sets/lists/debug/module.md.i386@1.9 / diff / nxr@1.9
src/distrib/sets/lists/modules/md.amd64@1.101 / diff / nxr@1.101
src/distrib/sets/lists/modules/md.i386@1.98 / diff / nxr@1.98
src/share/man/man4/apei.4@1.1 / diff / nxr@1.1
src/sys/arch/amd64/conf/ALL@1.185 / diff / nxr@1.185
src/sys/arch/i386/conf/ALL@1.516 / diff / nxr@1.516
src/sys/dev/acpi/apei.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_bert.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_bertvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_cper.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_einj.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_einjvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_erst.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_erstvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hed.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hest.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_hestvar.h@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_interp.c@1.1 / diff / nxr@1.1
src/sys/dev/acpi/apei_interp.h@1.1 / diff / nxr@1.1
:
(more 9 files)
apei(4): New driver for ACPI Platform Error Interfaces.
For now it is wired up only in x86 ALL kernels, and built as a module
for x86 and Arm. Once it gets a little more testing on machines with
APEI, I would like to flip it on by default.
PR kern/58046
For now it is wired up only in x86 ALL kernels, and built as a module
for x86 and Arm. Once it gets a little more testing on machines with
APEI, I would like to flip it on by default.
PR kern/58046
MAIN commitmail json YAML
src/distrib/amd64/ramdisks/common/Makefile.ramdisk@1.17
/
diff
/
nxr@1.17
src/distrib/i386/ramdisks/common/Makefile.ramdisk@1.16 / diff / nxr@1.16
src/etc/etc.amd64/Makefile.inc@1.17 / diff / nxr@1.17
src/etc/etc.i386/Makefile.inc@1.70 / diff / nxr@1.70
src/distrib/i386/ramdisks/common/Makefile.ramdisk@1.16 / diff / nxr@1.16
src/etc/etc.amd64/Makefile.inc@1.17 / diff / nxr@1.17
src/etc/etc.i386/Makefile.inc@1.70 / diff / nxr@1.70
x86: Release the ramdisks too.
This way we will get cgdroot.fs (and zfsroot.fs too) in the release.
PR misc/57534
This way we will get cgdroot.fs (and zfsroot.fs too) in the release.
PR misc/57534
MAIN commitmail json YAML
libcrypto: Add expected symbol list to check at build-time.
MAIN commitmail json YAML
bsd.lib.mk: Check expected vs actual symbols at build-time.
If, for LIB=foo, you create a file foo.expsym, bsd.lib.mk will list
the dynamic symbols and their versions with
nm --dynamic --extern-only --defined-only --with-symbol-versions
and compare the names (not addresses or types) to foo.expsym. If
there are any differences, they will be printed and the build will
fail.
foo.expsym should be sorted with `LANG=C sort -u'.
This way, you can verify changes don't inadvertently add or remove
symbols. If you do want to add (or, if you're bumping the major,
remove) symbols, you can verify the changes and edit the foo.expsym
file accordingly. This will also help to enforce rules about symbol
changes on pullups in release branches.
Note that using a version map (-Wl,--version-script=...) doesn't
catch symbol removal -- ld quietly ignores symbols in the version map
that aren't actually defined by any object in the library. So this
supplements the version map.
Proposed on tech-userlevel:
https://mail-index.NetBSD.org/tech-userlevel/2024/03/16/msg014264.html
If, for LIB=foo, you create a file foo.expsym, bsd.lib.mk will list
the dynamic symbols and their versions with
nm --dynamic --extern-only --defined-only --with-symbol-versions
and compare the names (not addresses or types) to foo.expsym. If
there are any differences, they will be printed and the build will
fail.
foo.expsym should be sorted with `LANG=C sort -u'.
This way, you can verify changes don't inadvertently add or remove
symbols. If you do want to add (or, if you're bumping the major,
remove) symbols, you can verify the changes and edit the foo.expsym
file accordingly. This will also help to enforce rules about symbol
changes on pullups in release branches.
Note that using a version map (-Wl,--version-script=...) doesn't
catch symbol removal -- ld quietly ignores symbols in the version map
that aren't actually defined by any object in the library. So this
supplements the version map.
Proposed on tech-userlevel:
https://mail-index.NetBSD.org/tech-userlevel/2024/03/16/msg014264.html
MAIN commitmail json YAML
src/sys/dev/acpi/acpi.c@1.299
/
diff
/
nxr@1.299
src/sys/dev/acpi/acpivar.h@1.90 / diff / nxr@1.90
src/sys/dev/acpi/files.acpi@1.129 / diff / nxr@1.129
src/sys/dev/acpi/acpivar.h@1.90 / diff / nxr@1.90
src/sys/dev/acpi/files.acpi@1.129 / diff / nxr@1.129
acpi(4): New iattr `apeibus' for attaching an APEI driver.
APEI is the ACPI Platform Error Interface, a standard (if very
complicated) interface for reporting hardware errors to the OS.
Firmware support for APEI is presented through the ACPI tables BERT
(Boot Error Record Table), ERST (Error Record Serialization Table),
EINJ (Error Injection Table), and HEST (Hardware Error Source Table),
rather than through nodes in the ACPI device tree, so it can't just
attach through the existing acpinodebus iattr and instead requires a
special pseudo-bus like acpiwdrt(4).
No driver yet -- this is just the hook to attach one in a module.
The new member sc_apei of struct acpi_softc is placed at the end of
the structure so that this change can be safely pulled up to release
branches without risk to ABI compatibility in existing modules such
as acpiverbose.kmod which may rely on the layout (but not size) of
struct acpi_softc.
PR kern/58046
APEI is the ACPI Platform Error Interface, a standard (if very
complicated) interface for reporting hardware errors to the OS.
Firmware support for APEI is presented through the ACPI tables BERT
(Boot Error Record Table), ERST (Error Record Serialization Table),
EINJ (Error Injection Table), and HEST (Hardware Error Source Table),
rather than through nodes in the ACPI device tree, so it can't just
attach through the existing acpinodebus iattr and instead requires a
special pseudo-bus like acpiwdrt(4).
No driver yet -- this is just the hook to attach one in a module.
The new member sc_apei of struct acpi_softc is placed at the end of
the structure so that this change can be safely pulled up to release
branches without risk to ABI compatibility in existing modules such
as acpiverbose.kmod which may rely on the layout (but not size) of
struct acpi_softc.
PR kern/58046
MAIN commitmail json YAML
strptime(3): Declare digit d as time_t.
This doesn't make a semantic difference -- d can only take on the ten
values {0,1,2,3,4,5,6,7,8,9}, and the arithmetic with it later all
comes out the same whether the type is unsigned or time_t, even if
time_t were int32_t instead of int64_t.
But it pacifies overzealous compilers used by downstream users of
this code. And while it's silly to use a much wider type (64-bit
signed) than is needed here to store a single digit, it doesn't
really hurt either (32-bit unsigned is much larger than needed too).
PR lib/58041
This doesn't make a semantic difference -- d can only take on the ten
values {0,1,2,3,4,5,6,7,8,9}, and the arithmetic with it later all
comes out the same whether the type is unsigned or time_t, even if
time_t were int32_t instead of int64_t.
But it pacifies overzealous compilers used by downstream users of
this code. And while it's silly to use a much wider type (64-bit
signed) than is needed here to store a single digit, it doesn't
really hurt either (32-bit unsigned is much larger than needed too).
PR lib/58041
MAIN commitmail json YAML
strptime(3): Reduce unnecessary indentation.
Post-fix tidying.
No functional change intended.
PR lib/58041
Post-fix tidying.
No functional change intended.
PR lib/58041
MAIN commitmail json YAML
strptime(3): Exercise some edge cases in the automatic tests.
Unfortunately, we can't quite use strptime as a black box to detect
the cases that triggered undefined behaviour, because strptime just
fails in that case anyway since the number that would go in .tm_year
is far out of the representable range.
PR lib/58041
Unfortunately, we can't quite use strptime as a black box to detect
the cases that triggered undefined behaviour, because strptime just
fails in that case anyway since the number that would go in .tm_year
is far out of the representable range.
PR lib/58041
MAIN commitmail json YAML
src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c@1.2
/
diff
/
nxr@1.2
src/crypto/external/bsd/openssl/dist/include/crypto/sha.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c@1.4 / diff / nxr@1.4
src/tests/crypto/libcrypto/t_sha512trunc.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/include/crypto/sha.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c@1.4 / diff / nxr@1.4
src/tests/crypto/libcrypto/t_sha512trunc.c@1.2 / diff / nxr@1.2
libcrypto: Fix buffer overrun in truncated SHA-512 functions.
Further fallout from the libc/openssl sha2 symbol collision.
PR lib/58039
Further fallout from the libc/openssl sha2 symbol collision.
PR lib/58039
MAIN commitmail json YAML
doc/3RDPARTY: Note OpenSSL vendor/release tags.
MAIN commitmail json YAML
src/distrib/sets/lists/debug/mi@1.430
/
diff
/
nxr@1.430
src/distrib/sets/lists/tests/mi@1.1311 / diff / nxr@1.1311
src/tests/crypto/libcrypto/Makefile@1.16 / diff / nxr@1.16
src/tests/crypto/libcrypto/t_sha512trunc.c@1.1 / diff / nxr@1.1
src/distrib/sets/lists/tests/mi@1.1311 / diff / nxr@1.1311
src/tests/crypto/libcrypto/Makefile@1.16 / diff / nxr@1.16
src/tests/crypto/libcrypto/t_sha512trunc.c@1.1 / diff / nxr@1.1
libcrypto: Add some trivial tests for truncated SHA-512 variants.
These should use more of the test vectors from
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
but this will do for now to detect the buffer overrun rake we left
lying around for ourselves.
PR lib/58039
These should use more of the test vectors from
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
but this will do for now to detect the buffer overrun rake we left
lying around for ourselves.
PR lib/58039
MAIN commitmail json YAML
evbarm/instkernel/sshramdisk: Put firmware in the right paths.
Maybe this should also be wired up to `release' to put the ramdisk in
the releasedir so we detect destdir path leakage like this had.
PR port-evbarm/58035
Maybe this should also be wired up to `release' to put the ramdisk in
the releasedir so we detect destdir path leakage like this had.
PR port-evbarm/58035
MAIN commitmail json YAML
evbmips/interrupt.c: No need for __diagused with KASSERT.
KASSERT already references all the variables even in !DIAGNOSTIC
builds (but evaluates nothing at run-time in that case).
That said: Is the curlwp->l_blcnt assertion correct? Can't curlwp be
changed in this interrupt handler by preemption?
KASSERT already references all the variables even in !DIAGNOSTIC
builds (but evaluates nothing at run-time in that case).
That said: Is the curlwp->l_blcnt assertion correct? Can't curlwp be
changed in this interrupt handler by preemption?
MAIN commitmail json YAML
wg(4): Rework example numbering for clarity and add IPv6.
Let's avoid triggering unease with host number 0.
PR misc/58015
Let's avoid triggering unease with host number 0.
PR misc/58015
MAIN commitmail json YAML
nvme(4): Disestablish admin q interrupt while suspended.
And re-establish on resume. Fixes nvmectl(8) after a suspend/resume
cycle on some systems.
Adapted from a patch by mrg@.
PR kern/58025
And re-establish on resume. Fixes nvmectl(8) after a suspend/resume
cycle on some systems.
Adapted from a patch by mrg@.
PR kern/58025
MAIN commitmail json YAML
wg(4): Bind to CPU in wg_handle_packet.
Required by use of psref there.
Assert we're bound up front so we catch mistakes early, rather than
later on if we get unlucky in preemption and scheduling.
PR bin/58021
Required by use of psref there.
Assert we're bound up front so we catch mistakes early, rather than
later on if we get unlucky in preemption and scheduling.
PR bin/58021
MAIN commitmail json YAML
wg(4): Spruce up example a bit.
- Suggest umask so the private keys aren't world readable.
- Suggest use of pre-shared key files.
- Use TEST-NET-1 and TEST-NET-2 addresses for the example instead of
real publicly routable addresses.
Holding off on adding IPv6 example until the tun(4) issue is fixed
(PR bin/58013).
PR misc/58015
- Suggest umask so the private keys aren't world readable.
- Suggest use of pre-shared key files.
- Use TEST-NET-1 and TEST-NET-2 addresses for the example instead of
real publicly routable addresses.
Holding off on adding IPv6 example until the tun(4) issue is fixed
(PR bin/58013).
PR misc/58015
MAIN commitmail json YAML
heartbeat(9): Return early if panicstr is set.
This way we avoid doing unnecessary work -- and print unnecessary
messages -- to _not_ trigger another panic anyway.
PR kern/58011
This way we avoid doing unnecessary work -- and print unnecessary
messages -- to _not_ trigger another panic anyway.
PR kern/58011
MAIN commitmail json YAML
certctl(8): Pacify formal POSIX sh syntax.
According to POSIX 2018, the syntax between `then' and `elif' and
`fi' must be a _non-empty_ list of commands:
compound_list : linebreak term
| linebreak term separator
;
...
if_clause : If compound_list Then compound_list else_part Fi
| If compound_list Then compound_list Fi
;
else_part : Elif compound_list Then compound_list
| Elif compound_list Then compound_list else_part
| Else compound_list
;
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_10_02
NetBSD's sh(1) currently doesn't enforce this and allows an empty
sequence of commands, but let's not rely on that nonstandard quirk.
Noted in PR 57997.
According to POSIX 2018, the syntax between `then' and `elif' and
`fi' must be a _non-empty_ list of commands:
compound_list : linebreak term
| linebreak term separator
;
...
if_clause : If compound_list Then compound_list else_part Fi
| If compound_list Then compound_list Fi
;
else_part : Elif compound_list Then compound_list
| Elif compound_list Then compound_list else_part
| Else compound_list
;
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_10_02
NetBSD's sh(1) currently doesn't enforce this and allows an empty
sequence of commands, but let's not rely on that nonstandard quirk.
Noted in PR 57997.
MAIN commitmail json YAML
certctl(8): Avoid basename(1).
Saves some time running subprocesses. Since this is only used for
non-directories (i.e., there's never trailing / on the inputs), it
suffices to delete the longest prefix matching glob `*/' with shell
parameter expansion -- much cheaper than spawning a subprocess.
Shaves off about 1/3 of the time spent in `certctl list' on an
aarch64 VM in qemu.
PR bin/57993
Saves some time running subprocesses. Since this is only used for
non-directories (i.e., there's never trailing / on the inputs), it
suffices to delete the longest prefix matching glob `*/' with shell
parameter expansion -- much cheaper than spawning a subprocess.
Shaves off about 1/3 of the time spent in `certctl list' on an
aarch64 VM in qemu.
PR bin/57993
MAIN commitmail json YAML
mozilla-certdata: Fix typo: sprintf, not snprintf, in awk.
Only used during import, and only in case something is wrong anyway
requiring manual intervention, so no change to builds.
Only used during import, and only in case something is wrong anyway
requiring manual intervention, so no change to builds.
MAIN commitmail json YAML
doc/3RDPARTY: mozilla-certdata is up-to-date.
MAIN commitmail json YAML
mozilla-certdata: Update set lists.
MAIN commitmail json YAML
src/external/mpl/mozilla-certdata/share/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.1.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem@1.2 / diff / nxr@1.2
src/external/mpl/mozilla-certdata/share/certs/Chambers_of_Commerce_Root_-_2008.pem deleted
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_ECC_Root-01.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_ECC_Root-02.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_RSA_Root-01.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_RSA_Root-02.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/D-Trust_SBR_Root_CA_1_2022.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/D-Trust_SBR_Root_CA_2_2022.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Global_Chambersign_Root_-_2008.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Security_Communication_Root_CA.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_SMIME_ECC_Root_2021.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_SMIME_RSA_Root_2023.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_TLS_ECC_Root_2020.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_TLS_RSA_Root_2023.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustAsia_Global_Root_CA_G3.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustAsia_Global_Root_CA_G4.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustCor_ECA-1.pem deleted
:
(more 6 files)
src/external/mpl/mozilla-certdata/share/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem@1.2 / diff / nxr@1.2
src/external/mpl/mozilla-certdata/share/certs/Chambers_of_Commerce_Root_-_2008.pem deleted
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_ECC_Root-01.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_ECC_Root-02.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_RSA_Root-01.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/CommScope_Public_Trust_RSA_Root-02.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/D-Trust_SBR_Root_CA_1_2022.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/D-Trust_SBR_Root_CA_2_2022.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Global_Chambersign_Root_-_2008.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Security_Communication_Root_CA.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem deleted
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_SMIME_ECC_Root_2021.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_SMIME_RSA_Root_2023.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_TLS_ECC_Root_2020.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/Telekom_Security_TLS_RSA_Root_2023.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustAsia_Global_Root_CA_G3.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustAsia_Global_Root_CA_G4.pem@1.1 / diff / nxr@1.1
src/external/mpl/mozilla-certdata/share/certs/TrustCor_ECA-1.pem deleted
:
(more 6 files)
mozilla-certdata: regen
MAIN commitmail json YAML
mozilla-certdata: Update reference in Makefile.
MAIN commitmail json YAML
urtwn(4): Ditch old queued commands on overflow.
Don't increment ring->queued past what the task will decrement.
This is a stop-gap measure; really, we should just have one task for
each operation that is deferred to the task thread.
PR kern/57965
Don't increment ring->queued past what the task will decrement.
This is a stop-gap measure; really, we should just have one task for
each operation that is deferred to the task thread.
PR kern/57965
MAIN commitmail json YAML
heartbeat(9): Restore still-applicable comment nixed in last commit.
The nesting depth is stored in ci_heartbeat_suspend which is 32-bit.
The nesting depth is stored in ci_heartbeat_suspend which is 32-bit.
MAIN commitmail json YAML
heartbeat(9): No kpreempt_disable/enable in heartbeat_suspend/resume.
This causes a leak of l_nopreempt in xc_thread when a CPU is offlined
and onlined again, because the offlining heartbeat_suspend and the
onlining heartbeat_resume happen in separate xcalls.
No change to callers because they are already bound to the CPU:
1. cnpollc does kpreempt_disable/enable itself around the calls to
heartbeat_suspend/resume anyway
2. cpu_xc_offline/online run in the xcall thread, which is always
bound to the CPU that is being offlined or onlined
This causes a leak of l_nopreempt in xc_thread when a CPU is offlined
and onlined again, because the offlining heartbeat_suspend and the
onlining heartbeat_resume happen in separate xcalls.
No change to callers because they are already bound to the CPU:
1. cnpollc does kpreempt_disable/enable itself around the calls to
heartbeat_suspend/resume anyway
2. cpu_xc_offline/online run in the xcall thread, which is always
bound to the CPU that is being offlined or onlined
MAIN commitmail json YAML
MAIN commitmail json YAML
longjmp(3) t_sigstack: Fix fencepost error.
Extremely unlikely to cause trouble, but let's just turn that into
`never' to keep it easier for readers.
PR lib/57946
Extremely unlikely to cause trouble, but let's just turn that into
`never' to keep it easier for readers.
PR lib/57946
MAIN commitmail json YAML
ramdisk-zfsroot: Enable build by default on amd64.
XXX Should maybe copy this to other ports like evbarm64 too.
PR port-amd64/57948
XXX Should maybe copy this to other ports like evbarm64 too.
PR port-amd64/57948
MAIN commitmail json YAML
longjmp(3) t_sigstack: Use a sigaltstack per handler entry.
longjmp evidently doesn't reset the state of whether the process is
executing on the alternate signal stack. So when we re-enter the
signal handler, the alternate stack appears to be still in use, and
the system chooses the original stack for the second call to the
signal handler -- which trips our assertion asking to verify that the
signal handler is always using an alternate stack.
Not strictly necessary for the signal handler to use an alternate
stack on re-entry, but this makes it clearer that the signal handler
itself is always using the alternate stack so we can verify that the
interrupted code is _not_ in the signal handler.
With this change, the test now passes on aarch64.
PR lib/57946
longjmp evidently doesn't reset the state of whether the process is
executing on the alternate signal stack. So when we re-enter the
signal handler, the alternate stack appears to be still in use, and
the system chooses the original stack for the second call to the
signal handler -- which trips our assertion asking to verify that the
signal handler is always using an alternate stack.
Not strictly necessary for the signal handler to use an alternate
stack on re-entry, but this makes it clearer that the signal handler
itself is always using the alternate stack so we can verify that the
interrupted code is _not_ in the signal handler.
With this change, the test now passes on aarch64.
PR lib/57946
MAIN commitmail json YAML
longjmp(3) t_sigstack: Note aarch64 seems to DTRT.
But only by code inspection; it appears to have another problem: on
re-entry, the signal handler is called on the normal stack, not on
the alternate signal stack.
PR lib/57946
But only by code inspection; it appears to have another problem: on
re-entry, the signal handler is called on the normal stack, not on
the alternate signal stack.
PR lib/57946
MAIN commitmail json YAML
MAIN commitmail json YAML
hdaudio(4): KNF, no functional change intended
MAIN commitmail json YAML
hdaudio(4): Tighten hdafg_freem.
The fix for PR kern/57890 in hdafg.c 1.29 included more conditionals
than needed, covering cases that can't happen: if allocm returns
null, audio(4) does not call freem; and if hdafg_allocm returns
nonnull, then what audio(4) passes to hdafg_freem had better be
either the playback or the capture buffer address.
The fix for PR kern/57890 in hdafg.c 1.29 included more conditionals
than needed, covering cases that can't happen: if allocm returns
null, audio(4) does not call freem; and if hdafg_allocm returns
nonnull, then what audio(4) passes to hdafg_freem had better be
either the playback or the capture buffer address.
MAIN commitmail json YAML
agp_i810(4): Use ipi(9) for chipset flush on all CPUs, not xcall(9).
i915 now calls into this with a spin lock held, so we have to use
ipi(9), which spin-waits for the other CPUs to complete, rather than
xcall(9), which may sleep-wait.
Fortunately, this is just to execute WBINVD on x86 (and if this code
ever runs on other architectures, which it probably doesn't, it'll be
a similar barrier instruction), so spinning to wait for that on all
CPUs isn't too costly.
PR kern/57878
XXX pullup-10
i915 now calls into this with a spin lock held, so we have to use
ipi(9), which spin-waits for the other CPUs to complete, rather than
xcall(9), which may sleep-wait.
Fortunately, this is just to execute WBINVD on x86 (and if this code
ever runs on other architectures, which it probably doesn't, it'll be
a similar barrier instruction), so spinning to wait for that on all
CPUs isn't too costly.
PR kern/57878
XXX pullup-10
MAIN commitmail json YAML
postinstall(8): Don't say /etc/openssl/certs.conf already exists.
It's confusing when all the other `postinstall fix' actions are
silent in the event they don't have anything to do.
PR install/57885
It's confusing when all the other `postinstall fix' actions are
silent in the event they don't have anything to do.
PR install/57885
MAIN commitmail json YAML
src/distrib/sets/lists/base/mi@1.1331
/
diff
/
nxr@1.1331
src/etc/mtree/NetBSD.dist.base@1.255 / diff / nxr@1.255
src/etc/mtree/NetBSD.dist.base@1.255 / diff / nxr@1.255
NetBSD.dist.base: Nix /var/run/named.
/var/run is emptied at boot time by /etc/rc.d/mountcritlocal, so
there's no point in creating this at install time -- it has to be
created on the fly after /var/run is cleared on every boot anyway.
Mark /var/run/named obsolete in the set lists. XXX This isn't quite
right, because it is legitimate for /var/run/named to exist in a
running installation, but it doesn't exist in a freshly installed
system any more. Maybe we should just remove the entry from the set
lists and add a note to UPDATING about deleting it manually from the
destdir in incremental builds.
PR misc/57877
/var/run is emptied at boot time by /etc/rc.d/mountcritlocal, so
there's no point in creating this at install time -- it has to be
created on the fly after /var/run is cleared on every boot anyway.
Mark /var/run/named obsolete in the set lists. XXX This isn't quite
right, because it is legitimate for /var/run/named to exist in a
running installation, but it doesn't exist in a freshly installed
system any more. Maybe we should just remove the entry from the set
lists and add a note to UPDATING about deleting it manually from the
destdir in incremental builds.
PR misc/57877
MAIN commitmail json YAML
NetBSD.dist.base: Fix permissions on /dev/pts.
No reason to write to this -- it's expected to have ptyfs mounted,
and ptyfs doesn't allow changing the directory. So use 0555
(-r-xr-xr-x) instead of 0755 (-rwxr-xr-x), like it is by default with
ptyfs mounted.
PR misc/57877
No reason to write to this -- it's expected to have ptyfs mounted,
and ptyfs doesn't allow changing the directory. So use 0555
(-r-xr-xr-x) instead of 0755 (-rwxr-xr-x), like it is by default with
ptyfs mounted.
PR misc/57877
MAIN commitmail json YAML
src/distrib/sets/lists/tests/mi@1.1300
/
diff
/
nxr@1.1300
src/etc/mtree/NetBSD.dist.tests@1.202 / diff / nxr@1.202
src/tests/usr.bin/Makefile@1.39 / diff / nxr@1.39
src/tests/usr.bin/mtree/Makefile@1.1 / diff / nxr@1.1
src/tests/usr.bin/mtree/t_sets.sh@1.1 / diff / nxr@1.1
src/etc/mtree/NetBSD.dist.tests@1.202 / diff / nxr@1.202
src/tests/usr.bin/Makefile@1.39 / diff / nxr@1.39
src/tests/usr.bin/mtree/Makefile@1.1 / diff / nxr@1.1
src/tests/usr.bin/mtree/t_sets.sh@1.1 / diff / nxr@1.1
mtree(8): Test the installed sets.
Except etc and xetc, which likely won't match for reasons that aren't
great, like etc including empty log files which in an installed
system have probably changed.
This test will probably fail, but we should make sure it doesn't!
PR misc/57877
Except etc and xetc, which likely won't match for reasons that aren't
great, like etc including empty log files which in an installed
system have probably changed.
This test will probably fail, but we should make sure it doesn't!
PR misc/57877
MAIN commitmail json YAML
ld@sdmmc(4): Hack around deadlock in cache sync on detach.
Yanking a card triggers the sdmmc discovery task, which runs in the
sdmmc task thread, to detach any attached child devices.
Detaching ld@sdmmc triggers a cache flush (via ldbegindetach ->
disk_begindetach -> ld_lastclose -> ld_flush -> ioctl DIOCCACHESYNC),
which is implemented by scheduling a task to do sdmmc_mem_flush_cache
and then waiting for it to complete.
The sdmmc_mem_cache_flush is done by an sdmmc task so it happens
after all previously scheduled I/O operations -- that way the cache
flush doesn't complete until the previously scheduled I/O operations
are complete.
However, when the cache flush task is issued from the discovery task,
this doesn't work, because the cache flush task can't start until the
discovery task has returned -- but the discovery task won't return
until the cache flush task has completed.
To work around this deadlock, which usually happens only when the
device has been yanked anyway so further I/O would be lost anyway,
just do the cache flush synchronously in DIOCCACHESYNC if we're
running in the task thread.
This isn't quite right -- implementation details of the task thread
shouldn't bleed into ld@sdmmc, and running the cache sync _before_
any subsequently scheduled I/O tasks is asking for trouble -- but it
should serve to avoid the deadlock in PR kern/57870 until we can fix
a host of concurrency bugs in sdmmc by fixing the locking scheme and
running discovery in a separate thread from tasks.
XXX pullup-10
Yanking a card triggers the sdmmc discovery task, which runs in the
sdmmc task thread, to detach any attached child devices.
Detaching ld@sdmmc triggers a cache flush (via ldbegindetach ->
disk_begindetach -> ld_lastclose -> ld_flush -> ioctl DIOCCACHESYNC),
which is implemented by scheduling a task to do sdmmc_mem_flush_cache
and then waiting for it to complete.
The sdmmc_mem_cache_flush is done by an sdmmc task so it happens
after all previously scheduled I/O operations -- that way the cache
flush doesn't complete until the previously scheduled I/O operations
are complete.
However, when the cache flush task is issued from the discovery task,
this doesn't work, because the cache flush task can't start until the
discovery task has returned -- but the discovery task won't return
until the cache flush task has completed.
To work around this deadlock, which usually happens only when the
device has been yanked anyway so further I/O would be lost anyway,
just do the cache flush synchronously in DIOCCACHESYNC if we're
running in the task thread.
This isn't quite right -- implementation details of the task thread
shouldn't bleed into ld@sdmmc, and running the cache sync _before_
any subsequently scheduled I/O tasks is asking for trouble -- but it
should serve to avoid the deadlock in PR kern/57870 until we can fix
a host of concurrency bugs in sdmmc by fixing the locking scheme and
running discovery in a separate thread from tasks.
XXX pullup-10
MAIN commitmail json YAML
i915_gem_stolen: Fill sg_pgs, with size/PAGE_SIZE entries.
Use sg_alloc_table_from_bus_dmamem to do this.
i915_gem_mman.c vm_fault_cpu and i915_gem_object_release_mmap_offset
both rely on sg_pgs to be a page array, so providing a table with
only one entry doesn't work (except by accident, if the object is
page-sized anyway). And they rely on the sg_pgs entries to be
initialized, which we weren't doing before, and which
sg_alloc_table_from_bus_dmamem does for us.
Related to PR kern/57833.
XXX pullup-10
Use sg_alloc_table_from_bus_dmamem to do this.
i915_gem_mman.c vm_fault_cpu and i915_gem_object_release_mmap_offset
both rely on sg_pgs to be a page array, so providing a table with
only one entry doesn't work (except by accident, if the object is
page-sized anyway). And they rely on the sg_pgs entries to be
initialized, which we weren't doing before, and which
sg_alloc_table_from_bus_dmamem does for us.
Related to PR kern/57833.
XXX pullup-10
MAIN commitmail json YAML
i915_gem_region: Fill sg_pgs, with size/PAGE_SIZE entries.
Use sg_alloc_table_from_bus_dmamem to do this.
i915_gem_mman.c vm_fault_cpu and i915_gem_object_release_mmap_offset
both rely on sg_pgs to be a page array, so using something else like
size >> ilog2(mem->mm.chunk_size) entries doesn't work. And they
rely on the sg_pgs entries to be initialized, which we weren't doing
before, and which sg_alloc_table_from_bus_dmamem does for us.
Related to PR kern/57833.
XXX pullup-10
Use sg_alloc_table_from_bus_dmamem to do this.
i915_gem_mman.c vm_fault_cpu and i915_gem_object_release_mmap_offset
both rely on sg_pgs to be a page array, so using something else like
size >> ilog2(mem->mm.chunk_size) entries doesn't work. And they
rely on the sg_pgs entries to be initialized, which we weren't doing
before, and which sg_alloc_table_from_bus_dmamem does for us.
Related to PR kern/57833.
XXX pullup-10
MAIN commitmail json YAML
i915_gem_phys: Fill sg_pgs.
This is needed by i915 gem fault, which maps user virtual addresses
to those pages, and by i915 gem object destruction, which does
pmap_page_protect on the pages to remove any of those user virtual
mappings.
This needs pmap_kenter_pa rather than pmap_enter(pmap_kernel(), ...)
in order to preserve the _kernel's_ mapping of the pages after
pmap_page_protect.
But bus_dmamem_map currently uses pmap_enter(pmap_kernel(), ...)
instead which creates a mapping that is removed by pmap_page_protect.
So we use a variant of bus_dmamem_map that uses pmap_kenter_pa
instead. Perhaps bus_dmamem_map should do this itself, but this
change is less risky to pull up than a change to bus_dmamem_map
itself.
PR kern/57833: kernel panic on xorg exit
XXX pullup-10
This is needed by i915 gem fault, which maps user virtual addresses
to those pages, and by i915 gem object destruction, which does
pmap_page_protect on the pages to remove any of those user virtual
mappings.
This needs pmap_kenter_pa rather than pmap_enter(pmap_kernel(), ...)
in order to preserve the _kernel's_ mapping of the pages after
pmap_page_protect.
But bus_dmamem_map currently uses pmap_enter(pmap_kernel(), ...)
instead which creates a mapping that is removed by pmap_page_protect.
So we use a variant of bus_dmamem_map that uses pmap_kenter_pa
instead. Perhaps bus_dmamem_map should do this itself, but this
change is less risky to pull up than a change to bus_dmamem_map
itself.
PR kern/57833: kernel panic on xorg exit
XXX pullup-10
MAIN commitmail json YAML
i915_gem: Assert page array size.
Let's detect the bug of sg_npgs failing to match
obj->base.size/PAGE_SIZE earlier.
Related to PR kern/57833.
XXX pullup-10
Let's detect the bug of sg_npgs failing to match
obj->base.size/PAGE_SIZE earlier.
Related to PR kern/57833.
XXX pullup-10
MAIN commitmail json YAML
i915_gem: Avoid walking off end of sg_pgs.
sg_npgs currently fails to match obj->base.size/PAGE_SIZE only due to
bugs in the construction of sg_pgs in various i915 gem object types,
which we should also fix, but let's avoid compounding it here.
Related to PR kern/57833.
XXX pullup-10
sg_npgs currently fails to match obj->base.size/PAGE_SIZE only due to
bugs in the construction of sg_pgs in various i915 gem object types,
which we should also fix, but let's avoid compounding it here.
Related to PR kern/57833.
XXX pullup-10
MAIN commitmail json YAML
i915_gem_region: Reduce diff from upstream a little.
No functional change intended.
Prompted by upcoming nearby changes related to PR kern/57833.
XXX pullup-10 (to make subsequent pullups easier)
No functional change intended.
Prompted by upcoming nearby changes related to PR kern/57833.
XXX pullup-10 (to make subsequent pullups easier)
MAIN commitmail json YAML
i915: Backport change to downgrade gen7/vlv to aliasing-ppggtt.
PR kern/57268
XXX pullup-10
commit 4fbe112a569526e46fa2accb5763c069f78cb431
Author: Chris Wilson <chris@chris-wilson.co.uk>
Date: Mon Feb 24 10:11:20 2020 +0000
drm/i915/gtt: Downgrade gen7 (ivb, byt, hsw) back to aliasing-ppgtt
Full-ppgtt on gen7 is proving to be highly unstable and not robust.
Closes: https://gitlab.freedesktop.org/drm/intel/issues/694
Fixes: 3cd6e8860ecd ("drm/i915/gen7: Re-enable full-ppgtt for ivb & hsw")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
Cc: Jani Nikula <jani.nikula@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Acked-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20200224101120.4024481-1-chris@chris-wilson.co.uk
PR kern/57268
XXX pullup-10
commit 4fbe112a569526e46fa2accb5763c069f78cb431
Author: Chris Wilson <chris@chris-wilson.co.uk>
Date: Mon Feb 24 10:11:20 2020 +0000
drm/i915/gtt: Downgrade gen7 (ivb, byt, hsw) back to aliasing-ppgtt
Full-ppgtt on gen7 is proving to be highly unstable and not robust.
Closes: https://gitlab.freedesktop.org/drm/intel/issues/694
Fixes: 3cd6e8860ecd ("drm/i915/gen7: Re-enable full-ppgtt for ivb & hsw")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
Cc: Jani Nikula <jani.nikula@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Acked-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20200224101120.4024481-1-chris@chris-wilson.co.uk
MAIN commitmail json YAML
usbdi(9): Assert not polling in abort path.
XXX Not sure if this is safe.
XXX Not sure if this is safe.
MAIN commitmail json YAML
usbdi(9): Avoid taking locks in usbd_transfer while polling.
PR kern/57783
XXX pullup-10
XXX pullup-9
XXX pullup-8
PR kern/57783
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
usbdi(9): Avoid calling ubm_softint with lock held and polling on.
PR kern/57783
XXX pullup-10
XXX pullup-9
XXX pullup-8
PR kern/57783
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
getaddrinfo(1): Omit needless whitespace.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
fetch(3): Backport SSL validation from pkgsrc libfetch 2.40.
We should really sync with pkgsrc libfetch to avoid divergence, but
this is a low-risk, high-priority change for NetBSD 10:
https://mail-index.netbsd.org/pkgsrc-changes/2024/01/03/msg290052.html
We should really sync with pkgsrc libfetch to avoid divergence, but
this is a low-risk, high-priority change for NetBSD 10:
https://mail-index.netbsd.org/pkgsrc-changes/2024/01/03/msg290052.html
MAIN commitmail json YAML
xennetback_xenbus.c: Nix trailing whitespace again.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
libiscsi: Fix types of Time2Wait and Time2Retain in logout decap.
According to https://www.rfc-editor.org/rfc/rfc7143#section-11.15,
these are both 2-byte quantities. Loading 4-byte quantities and
passing them through ISCSI_NTOHS might have worked by accident on
x86, but it's not gonna fly on big-endian. (Fortunately sparc64 is
not just big-endian but also strict-alignment so it caught this
problem!)
XXX Is there an upstream for this code? doc/3RDPARTY doesn't cite
any easily-followed references.
PR port-sparc64/57784
XXX pullup-10
XXX pullup-9
XXX pullup-8
According to https://www.rfc-editor.org/rfc/rfc7143#section-11.15,
these are both 2-byte quantities. Loading 4-byte quantities and
passing them through ISCSI_NTOHS might have worked by accident on
x86, but it's not gonna fly on big-endian. (Fortunately sparc64 is
not just big-endian but also strict-alignment so it caught this
problem!)
XXX Is there an upstream for this code? doc/3RDPARTY doesn't cite
any easily-followed references.
PR port-sparc64/57784
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
httpd(8): Add missing newline to `SSL Error' messages.
Matches the pattern in all other printf/syslog calls.
XXX pullup-10
XXX pullup-9
XXX pullup-8
Matches the pattern in all other printf/syslog calls.
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
stack(7): Fix diagram of non-main thread stacks.
Had stackaddr (pthread_attr_setstack parameter, lowest-numbered
virtual address of stack region) confused with stack base (where the
stack grows from, which is the highest-numbered virtual address on
machines where stack grows down).
PR pkg/57708
XXX pullup-10
Had stackaddr (pthread_attr_setstack parameter, lowest-numbered
virtual address of stack region) confused with stack base (where the
stack grows from, which is the highest-numbered virtual address on
machines where stack grows down).
PR pkg/57708
XXX pullup-10
MAIN commitmail json YAML
stack(7): Minor clarifications and wording tweaks.
Suggested by pgoyette@ and uwe@.
PR pkg/57708
XXX pullup-10
Suggested by pgoyette@ and uwe@.
PR pkg/57708
XXX pullup-10
MAIN commitmail json YAML
src/lib/libpthread/pthread_attr_getguardsize.3@1.6
/
diff
/
nxr@1.6
src/lib/libpthread/pthread_attr_getstack.3@1.9 / diff / nxr@1.9
src/lib/libpthread/pthread_attr_getstack.3@1.9 / diff / nxr@1.9
pthread: Document the setstack vs setguardsize bug.
Suggest the safe, compatible workaround.
Suggest the safe, compatible workaround.
MAIN commitmail json YAML
src/tests/lib/libc/sys/Makefile@1.76
/
diff
/
nxr@1.76
src/tests/lib/libc/sys/t_setrlimit.c@1.11 / diff / nxr@1.11
src/tests/lib/libc/sys/t_setrlimit.c@1.11 / diff / nxr@1.11
t_setrlimit: Narrow the scope of stack-protector warning suppression.
MAIN commitmail json YAML
src/lib/libpthread/pthread.c@1.184
/
diff
/
nxr@1.184
src/tests/lib/libpthread/t_stack.c@1.6 / diff / nxr@1.6
src/tests/lib/libpthread/t_stack.c@1.6 / diff / nxr@1.6
pthread: Don't adjust user-allocated stack addresses by guardsize.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
libpthread/t_stack: Fix format string for size_t.
Tested this on i386 since that had been crashing before, but i386
doesn't see %zu for unsigned int as a problem.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
Tested this on i386 since that had been crashing before, but i386
doesn't see %zu for unsigned int as a problem.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
libpthread/t_stack: Appease gcc12 maybe-uninitialized warning.
The jmp_buf is not, in fact, uninitialized at the point of use, but
it doesn't hurt to narrow the scope a bit to between when the jmp_buf
is initialized by setjmp, and when the signal handler might be called
after sigaction.
Noted by prlw1.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
The jmp_buf is not, in fact, uninitialized at the point of use, but
it doesn't hurt to narrow the scope a bit to between when the jmp_buf
is initialized by setjmp, and when the signal handler might be called
after sigaction.
Noted by prlw1.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
libpthread/t_stack: Omit needless cast in previous.
Arose from an earlier draft of the change.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
Arose from an earlier draft of the change.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
libpthread/t_stack: Make this more robust to the guard size bug.
Make sure to allocate enough space for the thread's stack for a guard
even though there shouldn't be one, so that when we run the thread,
it doesn't start with the stack pointer pointing into someone else's
allocation (like malloc) causing stack frames to trash another data
structure -- or causing the user of that data structure to trash the
stack frames.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
Make sure to allocate enough space for the thread's stack for a guard
even though there shouldn't be one, so that when we run the thread,
it doesn't start with the stack pointer pointing into someone else's
allocation (like malloc) causing stack frames to trash another data
structure -- or causing the user of that data structure to trash the
stack frames.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
src/tests/libexec/ld.elf_so/t_dlinfo.c@1.8
/
diff
/
nxr@1.8
src/tests/libexec/ld.elf_so/t_rtld_r_debug.c@1.5 / diff / nxr@1.5
src/tests/libexec/ld.elf_so/t_rtld_r_debug.c@1.5 / diff / nxr@1.5
t_dlinfo, t_rtld_r_debug: Audit ATF_REQUIRE/CHECK, sprinkle messages.
Make sure to use ATF_REQUIRE when the subsequent code doesn't work if
the check fails.
Make sure to use ATF_REQUIRE when the subsequent code doesn't work if
the check fails.
MAIN commitmail json YAML
src/tests/libexec/ld.elf_so/t_dlinfo.c@1.7
/
diff
/
nxr@1.7
src/tests/libexec/ld.elf_so/t_rtld_r_debug.c@1.4 / diff / nxr@1.4
src/tests/libexec/ld.elf_so/t_rtld_r_debug.c@1.4 / diff / nxr@1.4
rtld tests: Don't use RZ for dlinfo.
Use
ATF_REQUIRE_EQ_MSG(dlinfo(...), 0, "dlinfo: %s", dlerror())
instead, in order to accurately report the error on failure. RZ is
only for functions like pthread_create(3) that return zero on success
and errno(3) code on failure, but dlinfo returns -1 on failure and
sets dlerror() to report the nature of the error.
Use
ATF_REQUIRE_EQ_MSG(dlinfo(...), 0, "dlinfo: %s", dlerror())
instead, in order to accurately report the error on failure. RZ is
only for functions like pthread_create(3) that return zero on success
and errno(3) code on failure, but dlinfo returns -1 on failure and
sets dlerror() to report the nature of the error.
MAIN commitmail json YAML
src/tests/fs/hfs/t_pathconvert.c@1.8
/
diff
/
nxr@1.8
src/tests/kernel/t_memfd_create.c@1.3 / diff / nxr@1.3
src/tests/lib/librefuse/t_refuse_opt.c@1.10 / diff / nxr@1.10
src/tests/lib/librumpclient/t_fd.c@1.9 / diff / nxr@1.9
src/tests/kernel/t_memfd_create.c@1.3 / diff / nxr@1.3
src/tests/lib/librefuse/t_refuse_opt.c@1.10 / diff / nxr@1.10
src/tests/lib/librumpclient/t_fd.c@1.9 / diff / nxr@1.9
tests: Audit RZ abuse.
RZ succeeds if x is zero, and fails if x is nonzero, treating a
nonzero value as a error number as in errno(3) to print the message.
The following library routines instead return -1 on failure and set
errno to the error code:
fuse_opt_add_arg
fuse_opt_add_opt
fuse_opt_add_opt_escaped
fuse_opt_insert_arg
lseek
system
So use RL instead for those -- succeeds if x is zero, and fails if x
is -1.
This shouldn't make any tests newly fail or newly succeed -- the
functions in question only ever return 0 or -1 -- but if the tests
were already failing anywhere, they will now fail with meaningful
messages.
TBD: dlinfo, which isn't fit for RL or RZ since it reports errors via
dlerror() rather than errno.
RZ succeeds if x is zero, and fails if x is nonzero, treating a
nonzero value as a error number as in errno(3) to print the message.
The following library routines instead return -1 on failure and set
errno to the error code:
fuse_opt_add_arg
fuse_opt_add_opt
fuse_opt_add_opt_escaped
fuse_opt_insert_arg
lseek
system
So use RL instead for those -- succeeds if x is zero, and fails if x
is -1.
This shouldn't make any tests newly fail or newly succeed -- the
functions in question only ever return 0 or -1 -- but if the tests
were already failing anywhere, they will now fail with meaningful
messages.
TBD: dlinfo, which isn't fit for RL or RZ since it reports errors via
dlerror() rather than errno.
MAIN commitmail json YAML
t_rnd: Nix trailing whitespace.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
t_rnd: Fix misuse of RZ.
Not likely to matter, but in the unlikely event that rump_sys_close
fails, it will return -1 and set errno as RL expects, not return the
error code as RZ expects.
Not likely to matter, but in the unlikely event that rump_sys_close
fails, it will return -1 and set errno as RL expects, not return the
error code as RZ expects.
MAIN commitmail json YAML
src/distrib/sets/lists/debug/mi@1.424
/
diff
/
nxr@1.424
src/distrib/sets/lists/tests/mi@1.1297 / diff / nxr@1.1297
src/tests/lib/libpthread/Makefile@1.16 / diff / nxr@1.16
src/tests/lib/libpthread/t_stack.c@1.1 / diff / nxr@1.1
src/distrib/sets/lists/tests/mi@1.1297 / diff / nxr@1.1297
src/tests/lib/libpthread/Makefile@1.16 / diff / nxr@1.16
src/tests/lib/libpthread/t_stack.c@1.1 / diff / nxr@1.1
pthread: Add tests for pthread user stack allocation.
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
PR lib/57721
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
stack(7): Clarify thread stack guard vs program stack guard.
Just in case this confuses anyone dealing with PR pkg/57708.
XXX pullup-10
Just in case this confuses anyone dealing with PR pkg/57708.
XXX pullup-10
MAIN commitmail json YAML
MAIN commitmail json YAML
share/man/man7/Makefile: Split MAN on separate lines, and sort.
Makes sorting and merging changes easier.
No functional change intended.
Preparing for a new stack(7) in the service of PR pkg/57708.
XXX pullup-10
Makes sorting and merging changes easier.
No functional change intended.
Preparing for a new stack(7) in the service of PR pkg/57708.
XXX pullup-10
MAIN commitmail json YAML
vfs(9): Make sure to kpause at least one tick, not zero.
kpause(9) forbids zero.
Local workaround for wider problem in PR kern/57718, to address
immediate symptom of crash on any system with hz=50, e.g. alpha in
qemu:
panic: kernel diagnostic assertion "timo != 0 || intr" failed: file "/usr/src/sys/kern/kern_synch.c", line 249
XXX pullup-10
XXX pullup-9
XXX pullup-8
kpause(9) forbids zero.
Local workaround for wider problem in PR kern/57718, to address
immediate symptom of crash on any system with hz=50, e.g. alpha in
qemu:
panic: kernel diagnostic assertion "timo != 0 || intr" failed: file "/usr/src/sys/kern/kern_synch.c", line 249
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
kpause(9): KASSERT -> KASSERTMSG
PR kern/57718 (might help to diagnose manifestations of the problem)
PR kern/57718 (might help to diagnose manifestations of the problem)
MAIN commitmail json YAML
t_setrlimit: Fix typos in comments and messages.
No substantive change intended. Suggested by rillig@.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
No substantive change intended. Suggested by rillig@.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
src/sys/kern/exec_subr.c@1.88
/
diff
/
nxr@1.88
src/sys/sys/pax.h@1.28 / diff / nxr@1.28
src/sys/uvm/uvm_mmap.c@1.185 / diff / nxr@1.185
src/sys/sys/pax.h@1.28 / diff / nxr@1.28
src/sys/uvm/uvm_mmap.c@1.185 / diff / nxr@1.185
pax(9): Rework header file more coherently to nix some needless #ifs.
Cleans up some of the fallout from PR kern/57711 fixes.
Could do a little more to nix PAX_SEGVGUARD conditionals but maybe
not worth it.
Cleans up some of the fallout from PR kern/57711 fixes.
Could do a little more to nix PAX_SEGVGUARD conditionals but maybe
not worth it.
MAIN commitmail json YAML
src/sys/arch/alpha/alpha/db_trace.c@1.33
/
diff
/
nxr@1.33
src/sys/arch/alpha/include/db_machdep.h@1.20 / diff / nxr@1.20
src/sys/ddb/db_interface.h@1.44 / diff / nxr@1.44
src/sys/ddb/db_panic.c@1.12 / diff / nxr@1.12
src/sys/arch/alpha/include/db_machdep.h@1.20 / diff / nxr@1.20
src/sys/ddb/db_interface.h@1.44 / diff / nxr@1.44
src/sys/ddb/db_panic.c@1.12 / diff / nxr@1.12
ddb: New db_stack_trace_print_ra.
Takes an optional extra argument for the return address so that the
stack parser has a chance to use instruction-dependent interpretation
of the frame to find parent frames.
Implemented only on Alpha for now, which needs it. Other
architectures just ignore the extra argument.
PR port-alpha/57716
XXX pullup-10
XXX pullup-9
XXX pullup-8
Takes an optional extra argument for the return address so that the
stack parser has a chance to use instruction-dependent interpretation
of the frame to find parent frames.
Implemented only on Alpha for now, which needs it. Other
architectures just ignore the extra argument.
PR port-alpha/57716
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
src/sys/kern/exec_subr.c@1.86
/
diff
/
nxr@1.86
src/tests/lib/libc/sys/t_setrlimit.c@1.9 / diff / nxr@1.9
src/tests/lib/libc/sys/t_setrlimit.c@1.9 / diff / nxr@1.9
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
t_setrlimit: Verify changing RLIMIT_STACK affects access to stack.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
eventfd(2): Omit needless micro-optimization causing PR kern/57703.
Unfortunately, owing to PR kern/57705 and PR misc/57706, it isn't
convenient to flip the xfail switch on a test for this bug. So we'll
do that separately. (But I did verify that a rumpified version of
the test postd to PR kern/57703 failed without this change, and
passed with this change.)
PR kern/57703
XXX pullup-10
Unfortunately, owing to PR kern/57705 and PR misc/57706, it isn't
convenient to flip the xfail switch on a test for this bug. So we'll
do that separately. (But I did verify that a rumpified version of
the test postd to PR kern/57703 failed without this change, and
passed with this change.)
PR kern/57703
XXX pullup-10
MAIN commitmail json YAML
t_fdrestart: Mark some tests no longer xfail.
Backing out ad's changes last month seemed to fix the symptoms
(although I'm pretty sure this logic is still broken, more to come).
PR kern/57659
Backing out ad's changes last month seemed to fix the symptoms
(although I'm pretty sure this logic is still broken, more to come).
PR kern/57659
MAIN commitmail json YAML
t_fenv: Factor checks out of switch in checkrounding.
No functional change intended, just tidies up a bit.
PR port-mips/57680
XXX pullup-10
No functional change intended, just tidies up a bit.
PR port-mips/57680
XXX pullup-10
MAIN commitmail json YAML
t_fenv: Use volatile intermediate to force rounding to double.
See comment for details about why this is necessary.
Should fix these tests on i386 (and perhaps m68k too).
PR port-mips/57680
XXX pullup-10
See comment for details about why this is necessary.
Should fix these tests on i386 (and perhaps m68k too).
PR port-mips/57680
XXX pullup-10
MAIN commitmail json YAML
t_fenv: Improve diagnostics when rounding mode tests fail.
Print the correct input, and print the rounding mode for clarity so
you don't have to cross-reference it by line number.
PR port-mips/57680
XXX pullup-10
Print the correct input, and print the rounding mode for clarity so
you don't have to cross-reference it by line number.
PR port-mips/57680
XXX pullup-10
MAIN commitmail json YAML
t_fenv: Add #pragma STDC FENV_ACCESS ON and verify FLT_RADIX is 2.
Except gcc doesn't implement this pragma, so make it conditional.
And clang only supports it on some architectures, so just leave it
out for now with a comment about why.
PR port-mips/57680
XXX pullup-10
Except gcc doesn't implement this pragma, so make it conditional.
And clang only supports it on some architectures, so just leave it
out for now with a comment about why.
PR port-mips/57680
XXX pullup-10
MAIN commitmail json YAML
t_fenv: Verify rounding mode takes effect.
At least for addition operations, anyway.
Somewhat redundant with the test t_fe_round added by maya@ but this
gives two minimal pairs to easily diagnose exactly what the rounding
mode is when the wrong one was selected.
PR port-mips/57680
XXX pullup-10
At least for addition operations, anyway.
Somewhat redundant with the test t_fe_round added by maya@ but this
gives two minimal pairs to easily diagnose exactly what the rounding
mode is when the wrong one was selected.
PR port-mips/57680
XXX pullup-10
MAIN commitmail json YAML
t_fenv: Print wrong values if tests fail.
XXX pullup-10
XXX pullup-10
MAIN commitmail json YAML
eqos(4): Fix multicast filter updates.
1. Don't touch the obsolete IFF_ALLMULTI.
2. Set ETHER_F_ALLMULTI if we're accepting all multicast addresses.
3. If any multicast entry range is not a single address, accept all
multicast addresses.
1. Don't touch the obsolete IFF_ALLMULTI.
2. Set ETHER_F_ALLMULTI if we're accepting all multicast addresses.
3. If any multicast entry range is not a single address, accept all
multicast addresses.
MAIN commitmail json YAML
eqos(4): Fix locking around multicast filter updates.
- Can't touch if_flags without IFNET_LOCK.
- Can't take IFNET_LOCK in SIOCADDMULTI/SIOCDELMULTI path.
Instead, cache IFF_PROMISC and IFF_ALLMULTI on if_init under a lock we
can take in this path.
XXX Is IFF_ALLMULTI relevant any more? Hasn't it been moved to
ethercom flags?
XXX Should not take sc_lock around if_init/stop -- IFNET_LOCK is
enough. Should narrow scope of sc_lock to be just tick/mii/multi
stuff.
- Can't touch if_flags without IFNET_LOCK.
- Can't take IFNET_LOCK in SIOCADDMULTI/SIOCDELMULTI path.
Instead, cache IFF_PROMISC and IFF_ALLMULTI on if_init under a lock we
can take in this path.
XXX Is IFF_ALLMULTI relevant any more? Hasn't it been moved to
ethercom flags?
XXX Should not take sc_lock around if_init/stop -- IFNET_LOCK is
enough. Should narrow scope of sc_lock to be just tick/mii/multi
stuff.
MAIN commitmail json YAML
eqos(4): Don't touch if_flags in tx path.
Can't touch this without IFNET_LOCK.
Can't touch this without IFNET_LOCK.
MAIN commitmail json YAML
eqos(4): Wait for callout to halt and make sure it stays halted.
MAIN commitmail json YAML
ehci(4): Fix bug causing missed wakeups since ehci.c 1.308.
For reasons beyond me now, I used cv_signal on the same cv that is
used to wait for the doorbell to be available _and_ to wait for the
host controller to acknowledge the doorbell. Which means when the
host controller acknowledges the doorbell, we might wake some thread
waiting for the doorbell to be available -- and leave the thread
waiting for the doorbell acknowledgment hanging indefinitely.
PR port-i386/57662
XXX pullup-10
For reasons beyond me now, I used cv_signal on the same cv that is
used to wait for the doorbell to be available _and_ to wait for the
host controller to acknowledge the doorbell. Which means when the
host controller acknowledges the doorbell, we might wake some thread
waiting for the doorbell to be available -- and leave the thread
waiting for the doorbell acknowledgment hanging indefinitely.
PR port-i386/57662
XXX pullup-10
MAIN commitmail json YAML
ehci(4): Fix cv_timedwait loop in ehci_sync_hc.
Stop when
now - starttime >= delta,
i.e., when at least delta ticks have elapsed since the start, not
when
endtime - now > delta,
i.e., more than delta ticks _remain_ to sleep, which is never going
to happen (except on arithmetic overflow).
As is, what will happen in the case that should time out is that we
wake up after delta ticks, and find now = getticks() is exactly
endtime, so we retry cv_timedwait with timo=(endtime - now)=0 which
means sleep indefinitely with no timeout as if with cv_wait.
PR port-i386/57662
XXX pullup-10
Stop when
now - starttime >= delta,
i.e., when at least delta ticks have elapsed since the start, not
when
endtime - now > delta,
i.e., more than delta ticks _remain_ to sleep, which is never going
to happen (except on arithmetic overflow).
As is, what will happen in the case that should time out is that we
wake up after delta ticks, and find now = getticks() is exactly
endtime, so we retry cv_timedwait with timo=(endtime - now)=0 which
means sleep indefinitely with no timeout as if with cv_wait.
PR port-i386/57662
XXX pullup-10
MAIN commitmail json YAML
mremap(2): Use .Lk for links in text.
.%U is only for links in reference sections.
.%U is only for links in reference sections.
MAIN commitmail json YAML
postinstall(8): Use /usr/sbin/certctl.
Obviates need to have /usr/sbin in PATH when running this.
XXX pullup-10
Obviates need to have /usr/sbin in PATH when running this.
XXX pullup-10
MAIN commitmail json YAML
drm(4): Fix thinko -- display configuration, not device configuration.
MAIN commitmail json YAML
drm(4): Update man page over the last decade.
While here, credit contributors just to the NetBSD port. Too many
upstream contributors to list, not even sure where I'd find them all.
While here, credit contributors just to the NetBSD port. Too many
upstream contributors to list, not even sure where I'd find them all.
MAIN commitmail json YAML
Revert "x86: Panic early if fpu save size is too large, take 2."
Apparently this is too early to print anything useful, so it just
causes a reboot loop.
PR kern/57661
Apparently this is too early to print anything useful, so it just
causes a reboot loop.
PR kern/57661
MAIN commitmail json YAML
thmap(9): Preallocate GC list storage for thmap_del.
thmap_del can't fail, and it is used in places in npf where sleeping
is forbidden, so it can't rely on allocating memory either.
Instead of having thmap_del allocate memory on the fly for each
object to defer freeing until thmap_gc, arrange to have thmap(9)
preallocate the same storage when allocating all the objects in the
first place, with a GC header.
This is suboptimal for memory usage, especially on insertion- and
lookup-heavy but deletion-light workloads, but it's not clear rmind's
alternative (https://github.com/rmind/thmap/tree/thmap_del_mem_fail)
is ready to use yet, so we'll go with this for correctness.
PR kern/57208
https://github.com/rmind/npf/issues/129
XXX pullup-10
XXX pullup-9
thmap_del can't fail, and it is used in places in npf where sleeping
is forbidden, so it can't rely on allocating memory either.
Instead of having thmap_del allocate memory on the fly for each
object to defer freeing until thmap_gc, arrange to have thmap(9)
preallocate the same storage when allocating all the objects in the
first place, with a GC header.
This is suboptimal for memory usage, especially on insertion- and
lookup-heavy but deletion-light workloads, but it's not clear rmind's
alternative (https://github.com/rmind/thmap/tree/thmap_del_mem_fail)
is ready to use yet, so we'll go with this for correctness.
PR kern/57208
https://github.com/rmind/npf/issues/129
XXX pullup-10
XXX pullup-9
MAIN commitmail json YAML
thmap(9): Test alloc failure, not THMAP_GETPTR failure.
THMAP_GETPTR may return nonnull even though alloc returned zero.
Note that this failure branch is not actually appropriate;
thmap_create should not fail. We really need to pass KM_SLEEP
through in this call site even though there are other call sites for
which KM_NOSLEEP is appropriate.
Adapted from: https://github.com/rmind/thmap/pull/14
PR kern/57666
https://github.com/rmind/thmap/issues/13
XXX pullup-10
XXX pullup-9
THMAP_GETPTR may return nonnull even though alloc returned zero.
Note that this failure branch is not actually appropriate;
thmap_create should not fail. We really need to pass KM_SLEEP
through in this call site even though there are other call sites for
which KM_NOSLEEP is appropriate.
Adapted from: https://github.com/rmind/thmap/pull/14
PR kern/57666
https://github.com/rmind/thmap/issues/13
XXX pullup-10
XXX pullup-9
MAIN commitmail json YAML
x86: Panic early if fpu save size is too large, take 2.
This shouldn't break any existing systems (for real this time), but
it should make the failure mode more obvious on systems that are
already broken.
PR kern/57661
XXX pullup-10
XXX pullup-9
XXX pullup-8
This shouldn't break any existing systems (for real this time), but
it should make the failure mode more obvious on systems that are
already broken.
PR kern/57661
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
x86: Remove incomplete fpu save size check.
Will fix it later, but this makes pullups easier.
Will fix it later, but this makes pullups easier.
MAIN commitmail json YAML
sys/pipe.h: #define<tab>
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
kern_ktrace.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
xen_machdep.c: Nix trailing whitespace.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
vax/pmap.c: Sort includes. Nix traliing whitespace.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
sequencer.c: Nix trailing whitespace.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
x86: Disable savefpu size check for now.
This is apparently so broken that the error check for what should
have been a safe size fails, which is breaking boot on x86 all the
way back to Sandy Bridge at this point. Grrr.
We need to expand savefpu so that it supports the maximum size
instead.
This is apparently so broken that the error check for what should
have been a safe size fails, which is breaking boot on x86 all the
way back to Sandy Bridge at this point. Grrr.
We need to expand savefpu so that it supports the maximum size
instead.
MAIN commitmail json YAML
t_fdrestart: Rework this to be a little more robust.
For the write test, need to make sure the pipe's buffer is full first
before the write that blocks, so that it doesn't return partial
progress rather than ERESTART if woken.
For the write test, need to make sure the pipe's buffer is full first
before the write that blocks, so that it doesn't return partial
progress rather than ERESTART if woken.
MAIN commitmail json YAML
src/distrib/sets/lists/debug/mi@1.419
/
diff
/
nxr@1.419
src/distrib/sets/lists/tests/mi@1.1294 / diff / nxr@1.1294
src/tests/kernel/Makefile@1.76 / diff / nxr@1.76
src/tests/kernel/t_fdrestart.c@1.1 / diff / nxr@1.1
src/distrib/sets/lists/tests/mi@1.1294 / diff / nxr@1.1294
src/tests/kernel/Makefile@1.76 / diff / nxr@1.76
src/tests/kernel/t_fdrestart.c@1.1 / diff / nxr@1.1
t_fdrestart: New test of closing fd with another thread in I/O on it.
Adapted from regress/sys/kern/dislodgefd.
PR kern/57659
Adapted from regress/sys/kern/dislodgefd.
PR kern/57659
MAIN commitmail json YAML
x86: Panic if cpuid's fpu save size is larger than we support.
Ideally this wouldn't panic, but the alternative right now is to
crash in a memset later -- or silently corrupt kernel memory -- so
this doesn't make the situation worse than it was before.
PR kern/57661
XXX pullup-10
XXX pullup-9
XXX pullup-8
Ideally this wouldn't panic, but the alternative right now is to
crash in a memset later -- or silently corrupt kernel memory -- so
this doesn't make the situation worse than it was before.
PR kern/57661
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
src/distrib/sets/lists/comp/mi@1.2450
/
diff
/
nxr@1.2450
src/sys/sys/Makefile@1.183 / diff / nxr@1.183
src/sys/sys/Makefile@1.183 / diff / nxr@1.183
sys/wchan.h: Need to install this for sanitizers.
MAIN commitmail json YAML
src/sys/rump/librump/rumpkern/emul.c@1.201
/
diff
/
nxr@1.201
src/sys/rump/librump/rumpkern/lwproc.c@1.58 / diff / nxr@1.58
src/sys/rump/librump/rumpkern/lwproc.c@1.58 / diff / nxr@1.58
rump: Sprinkle sys/syncobj.h here too.
MAIN commitmail json YAML
kern_turnstile.c: Use <sys/lwp.h> explicitly for struct lwp members.
MAIN commitmail json YAML
sys/sleepq.h: Sort includes. No functional change intended.
MAIN commitmail json YAML
sys/lwp.h: Sort includes. No functional change intended.
MAIN commitmail json YAML
sys_select.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_lwp.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_synch.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_sleepq.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_rwlock.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_mutex.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_lwp: Sort includes. No functional change intended.
MAIN commitmail json YAML
kern_condvar.c: Sort includes. No functional change intended.
MAIN commitmail json YAML
ddb: Don't restrict `show all tstiles' to wmesg `tstile'.
This is no longer the wmesg, as of last week -- now it's the name of
the underlying syncobj, like `mutex' or `rwlock'.
This is no longer the wmesg, as of last week -- now it's the name of
the underlying syncobj, like `mutex' or `rwlock'.
MAIN commitmail json YAML
src/sys/ddb/db_command.c@1.188
/
diff
/
nxr@1.188
src/sys/ddb/db_syncobj.c@1.3 / diff / nxr@1.3
src/sys/ddb/db_syncobj.h@1.3 / diff / nxr@1.3
src/sys/ddb/db_syncobj.c@1.3 / diff / nxr@1.3
src/sys/ddb/db_syncobj.h@1.3 / diff / nxr@1.3
ddb: Constify db_syncobj_owner argument.
No need for it to be writable, and the actual type of the struct lwp
member is const.
No need for it to be writable, and the actual type of the struct lwp
member is const.
MAIN commitmail json YAML
src/sys/ddb/db_syncobj.h@1.2
/
diff
/
nxr@1.2
src/sys/kern/kern_condvar.c@1.61 / diff / nxr@1.61
src/sys/kern/kern_ktrace.c@1.183 / diff / nxr@1.183
src/sys/kern/kern_lwp.c@1.266 / diff / nxr@1.266
src/sys/kern/kern_mutex.c@1.111 / diff / nxr@1.111
src/sys/kern/kern_rwlock.c@1.75 / diff / nxr@1.75
src/sys/kern/kern_sleepq.c@1.85 / diff / nxr@1.85
src/sys/kern/kern_synch.c@1.364 / diff / nxr@1.364
src/sys/kern/kern_turnstile.c@1.54 / diff / nxr@1.54
src/sys/kern/sys_lwp.c@1.88 / diff / nxr@1.88
src/sys/kern/sys_select.c@1.65 / diff / nxr@1.65
src/sys/sys/lwp.h@1.229 / diff / nxr@1.229
src/sys/sys/sleepq.h@1.41 / diff / nxr@1.41
src/sys/sys/sleeptab.h@1.3 / diff / nxr@1.3
src/sys/sys/syncobj.h@1.18 / diff / nxr@1.18
src/sys/sys/wchan.h@1.1 / diff / nxr@1.1
src/sys/kern/kern_condvar.c@1.61 / diff / nxr@1.61
src/sys/kern/kern_ktrace.c@1.183 / diff / nxr@1.183
src/sys/kern/kern_lwp.c@1.266 / diff / nxr@1.266
src/sys/kern/kern_mutex.c@1.111 / diff / nxr@1.111
src/sys/kern/kern_rwlock.c@1.75 / diff / nxr@1.75
src/sys/kern/kern_sleepq.c@1.85 / diff / nxr@1.85
src/sys/kern/kern_synch.c@1.364 / diff / nxr@1.364
src/sys/kern/kern_turnstile.c@1.54 / diff / nxr@1.54
src/sys/kern/sys_lwp.c@1.88 / diff / nxr@1.88
src/sys/kern/sys_select.c@1.65 / diff / nxr@1.65
src/sys/sys/lwp.h@1.229 / diff / nxr@1.229
src/sys/sys/sleepq.h@1.41 / diff / nxr@1.41
src/sys/sys/sleeptab.h@1.3 / diff / nxr@1.3
src/sys/sys/syncobj.h@1.18 / diff / nxr@1.18
src/sys/sys/wchan.h@1.1 / diff / nxr@1.1
sys/lwp.h: Nix sys/syncobj.h dependency.
Remove it in ddb/db_syncobj.h too.
New sys/wchan.h defines wchan_t so that users need not pull in
sys/syncobj.h to get it.
Sprinkle #include <sys/syncobj.h> in .c files where it is now needed.
Remove it in ddb/db_syncobj.h too.
New sys/wchan.h defines wchan_t so that users need not pull in
sys/syncobj.h to get it.
Sprinkle #include <sys/syncobj.h> in .c files where it is now needed.
MAIN commitmail json YAML
src/crypto/external/bsd/heimdal/Makefile.inc@1.11
/
diff
/
nxr@1.11
src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile@1.8 / diff / nxr@1.8
src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/hprop/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile@1.7 / diff / nxr@1.7
src/crypto/external/bsd/heimdal/sbin/kdc/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/kstash/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/digest-service/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/hpropd/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/ipropd-master/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/ipropd-slave/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/libexec/kadmind/Makefile@1.8 / diff / nxr@1.8
src/crypto/external/bsd/heimdal/libexec/kpasswdd/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/hprop/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/iprop-log/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/kadmin/Makefile@1.7 / diff / nxr@1.7
src/crypto/external/bsd/heimdal/sbin/kdc/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/sbin/kstash/Makefile@1.6 / diff / nxr@1.6
heimdal: Make sure whatever uses libhdb also gets libsqlite3 & libm.
Loose ends for static builds in the fix for PR lib/57406.
XXX pullup-10
Loose ends for static builds in the fix for PR lib/57406.
XXX pullup-10
MAIN commitmail json YAML
certdata.awk: Treat CKT_NSS_TRUSTED as untrusted _as a CA_.
This means the certificate is trusted for the listed purpose, not as
a CA to issue certificates for the listed purpose.
Clarify warning message in this case.
No change to imported certificates so no need to regen or pull up --
this designator does not actually appear in certdata.txt, only in
Mozilla nss source code.
This means the certificate is trusted for the listed purpose, not as
a CA to issue certificates for the listed purpose.
Clarify warning message in this case.
No change to imported certificates so no need to regen or pull up --
this designator does not actually appear in certdata.txt, only in
Mozilla nss source code.
MAIN commitmail json YAML
igc(4): `nvm_ver & ...' has type int, so use %x, not %hx.
This happens even though nvm_ver is unsigned short (uint16_t),
because of the integer promotions.
Should fix clang build.
XXX pullup-10
This happens even though nvm_ver is unsigned short (uint16_t),
because of the integer promotions.
Should fix clang build.
XXX pullup-10
MAIN commitmail json YAML
certctl(8): Reword various things in an attempt to clarify.
Suggest /etc/openssl/certs.local in the example config file. Maybe
we can/should formalize this but let's just start with a suggestion.
XXX pullup-10
Suggest /etc/openssl/certs.local in the example config file. Maybe
we can/should formalize this but let's just start with a suggestion.
XXX pullup-10
MAIN commitmail json YAML
MAIN commitmail json YAML
bsd.prog.mk: krb5 stuff no longer needs to link against sqlite3.
(Why is this here? Seems like it should be a .mk fragment under
crypto/external/bsd/heimdal -- that way I would have found it for the
previous commit.)
PR lib/57406
XXX pullup-10
(Why is this here? Seems like it should be a .mk fragment under
crypto/external/bsd/heimdal -- that way I would have found it for the
previous commit.)
PR lib/57406
XXX pullup-10
MAIN commitmail json YAML
src/crypto/external/bsd/heimdal/Makefile.inc@1.9
/
diff
/
nxr@1.9
src/crypto/external/bsd/heimdal/include/config.h@1.12 / diff / nxr@1.12
src/crypto/external/bsd/heimdal/lib/libhdb/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile@1.16 / diff / nxr@1.16
src/crypto/external/bsd/heimdal/include/config.h@1.12 / diff / nxr@1.12
src/crypto/external/bsd/heimdal/lib/libhdb/Makefile@1.6 / diff / nxr@1.6
src/crypto/external/bsd/heimdal/lib/libkrb5/Makefile@1.16 / diff / nxr@1.16
heimdal: Disable sqlite3 credential cache (SCC).
SCC is not usable in Heimdal 7.8.0, and this brings a dependency on
libsqlite3 into libkrb5 and therefore libgssapi, which is problematic
downstream applications that have sqlite3 from pkgsrc or statically
built in.
SCC will undergo substantial revision in the next Heimdal version
(https://github.com/heimdal/heimdal/pull/1143). We can revisit later
how to deal with this -- perhaps by symbol-renaming a copy of sqlite3
in Heimdal as it looks like upstream intends to do.
PR lib/57406
XXX pullup-10
SCC is not usable in Heimdal 7.8.0, and this brings a dependency on
libsqlite3 into libkrb5 and therefore libgssapi, which is problematic
downstream applications that have sqlite3 from pkgsrc or statically
built in.
SCC will undergo substantial revision in the next Heimdal version
(https://github.com/heimdal/heimdal/pull/1143). We can revisit later
how to deal with this -- perhaps by symbol-renaming a copy of sqlite3
in Heimdal as it looks like upstream intends to do.
PR lib/57406
XXX pullup-10
MAIN commitmail json YAML
hier(7): Document /usr/share/certs/mozilla.
XXX pullup-10
XXX pullup-10
MAIN commitmail json YAML
usbnet(9): On if_init, stop/init if IFF_RUNNING -- not noop.
ether_ioctl(9) relies on this to reinitialize an interface when a
flags change returns ENETRESET. We can't just reprogram the hardware
multicast filter because some drivers have logic in if_init that's
conditional on IFF_PROMISC; perhaps we can reduce the cost of this if
we can change those drivers to do it in uno_mcast but that requires
some analysis to determine.
PR kern/57645
XXX pullup-10
ether_ioctl(9) relies on this to reinitialize an interface when a
flags change returns ENETRESET. We can't just reprogram the hardware
multicast filter because some drivers have logic in if_init that's
conditional on IFF_PROMISC; perhaps we can reduce the cost of this if
we can change those drivers to do it in uno_mcast but that requires
some analysis to determine.
PR kern/57645
XXX pullup-10
MAIN commitmail json YAML
usbnet(9): Fix sense of conditional in usbnet_ifflags_cb.
This appears to have been mistranscribed in revision 1.1 of usbnet.c.
PR kern/57645
XXX pullup-10
This appears to have been mistranscribed in revision 1.1 of usbnet.c.
PR kern/57645
XXX pullup-10
MAIN commitmail json YAML
usbnet(9): Make sure unp->unp_if_flags is initialized on init.
usbnet_ifflags_cb is only called if the flags change while up and
running. (XXX Maybe it should be called in other circumstances too
so there's only one path here?)
Out of paranoia, clear the cache on stop.
PR kern/57645
XXX pullup-10
usbnet_ifflags_cb is only called if the flags change while up and
running. (XXX Maybe it should be called in other circumstances too
so there's only one path here?)
Out of paranoia, clear the cache on stop.
PR kern/57645
XXX pullup-10
MAIN commitmail json YAML
net/if.h: Explain the IFF_ALLMULTI situation.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
rge(4): callout_stop can't be right here; just do callout_halt.
XXX pullup-10
XXX pullup-10
MAIN commitmail json YAML
ure(4): Set all bits, not no bits, in multicast filter for promisc.
This was lost in revision 1.40.
PR kern/57648
XXX pullup-10
This was lost in revision 1.40.
PR kern/57648
XXX pullup-10
MAIN commitmail json YAML
lwp_pctr(9): Make this a little more robust.
No substantive change to machine code on aarch64. (Instructions and
registers got reordered a little but not in a way that matters.)
No substantive change to machine code on aarch64. (Instructions and
registers got reordered a little but not in a way that matters.)
MAIN commitmail json YAML
arm/gic: Check l_blcnt, not l_biglocks.
l_biglocks is a now-defunct temporary storage used only when
sleeping; l_blcnt is the number of kernel locks held by the lwp when
not sleeping.
Should fix arm builds.
l_biglocks is a now-defunct temporary storage used only when
sleeping; l_blcnt is the number of kernel locks held by the lwp when
not sleeping.
Should fix arm builds.
MAIN commitmail json YAML
kern_cctr.c: Fix broken indentation.
No functional change intended.
No functional change intended.
MAIN commitmail json YAML
armpmu(4): Add missing newline to error message.
MAIN commitmail json YAML
acronyms.comp: SFP -- Small Form-factor Pluggable
MAIN commitmail json YAML
acronyms.comp: Add various CPU- and barrier-related acronyms.
CET, DMB, DSB, HLE, IBT, ISB, MDS, SSB, SSBB, SSBD, TAA, TSX
PR misc/57636
CET, DMB, DSB, HLE, IBT, ISB, MDS, SSB, SSBB, SSBD, TAA, TSX
PR misc/57636
MAIN commitmail json YAML
pam_krb5: Fix PR lib/57631.
Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by
review or, somehow, by my own testing. Evidently we need automatic
tests for this pam business.
XXX pullup-10
XXX pullup-9
XXX pullup-8
Loose ends in the fix for NetBSD-SA2023-006 that weren't caught by
review or, somehow, by my own testing. Evidently we need automatic
tests for this pam business.
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
gpt(8): Make gpt type array and enum match again.
Add cross-referencing comment to reduce the probability of these
getting out of sync again.
Should fix a slew of failing tests since kre's recent change to add
windows-recovery to the array but not to the enum:
sbin/gpt/t_gpt:create_2part
sbin/gpt/t_gpt:migrate_disklabel
sbin/gpt/t_gpt:recover_backup
sbin/gpt/t_gpt:recover_primary
sbin/gpt/t_gpt:remove_2part
sbin/gpt/t_gpt:resize_2part
sbin/gpt/t_gpt:restore_2part
Fail: stdout does not match golden output
--- /usr/tests/sbin/gpt/gpt.2part.show.normal 2023-09-26 15:48:30.000000000 +0000
+++ /tmp/check.sc6ylB/stdout 2023-09-26 23:30:42.388157924 +0000
@@ -3,6 +3,6 @@
1 1 Pri GPT header
2 32 Pri GPT table
34 1024 1 GPT part - EFI System
- 1058 9150 2 GPT part - NetBSD FFSv1/FFSv2
+ 1058 9150 2 GPT part - NetBSD Cryptographic Disk
10208 32 Sec GPT table
10240 1 Sec GPT header
https://releng.netbsd.org/b5reports/i386/commits-2023.09.html#build-2023.09.26.15.47.11
Add cross-referencing comment to reduce the probability of these
getting out of sync again.
Should fix a slew of failing tests since kre's recent change to add
windows-recovery to the array but not to the enum:
sbin/gpt/t_gpt:create_2part
sbin/gpt/t_gpt:migrate_disklabel
sbin/gpt/t_gpt:recover_backup
sbin/gpt/t_gpt:recover_primary
sbin/gpt/t_gpt:remove_2part
sbin/gpt/t_gpt:resize_2part
sbin/gpt/t_gpt:restore_2part
Fail: stdout does not match golden output
--- /usr/tests/sbin/gpt/gpt.2part.show.normal 2023-09-26 15:48:30.000000000 +0000
+++ /tmp/check.sc6ylB/stdout 2023-09-26 23:30:42.388157924 +0000
@@ -3,6 +3,6 @@
1 1 Pri GPT header
2 32 Pri GPT table
34 1024 1 GPT part - EFI System
- 1058 9150 2 GPT part - NetBSD FFSv1/FFSv2
+ 1058 9150 2 GPT part - NetBSD Cryptographic Disk
10208 32 Sec GPT table
10240 1 Sec GPT header
https://releng.netbsd.org/b5reports/i386/commits-2023.09.html#build-2023.09.26.15.47.11
MAIN commitmail json YAML
/etc/rc.d/certctl_init: Default off.
Otherwise in systems without certctl_init=YES, such as systems
installed with sysinst(8) where it's unnecessary because the rehash
has already happened at install time, you'll get spurious warnings.
PR install/57629
XXX pullup-10
Otherwise in systems without certctl_init=YES, such as systems
installed with sysinst(8) where it's unnecessary because the rehash
has already happened at install time, you'll get spurious warnings.
PR install/57629
XXX pullup-10
MAIN commitmail json YAML
mozilla-certdata: Run certdata.awk with LC_ALL=C.
This has to be able to printf("%c", ...) to emit arbitrary bytes of
output in order to decode the octal-formatted DER data and print it
as raw binary DER data.
Relevant only at import time, doesn't affect builds.
This has to be able to printf("%c", ...) to emit arbitrary bytes of
output in order to decode the octal-formatted DER data and print it
as raw binary DER data.
Relevant only at import time, doesn't affect builds.
MAIN commitmail json YAML
ec2_init: Suppress error message for nonexistent sysctl.
We're querying to see whether the sysctl node is available and if so
what its text is, not interested in the error message.
XXX pullup-10
We're querying to see whether the sysctl node is available and if so
what its text is, not interested in the error message.
XXX pullup-10
MAIN commitmail json YAML
src/distrib/amd64/liveimage/emuimage/rc.conf.emuimage@1.3
/
diff
/
nxr@1.3
src/distrib/evbarm/liveimage/armimage/rc.conf.armimage@1.2 / diff / nxr@1.2
src/distrib/sets/lists/etc/mi@1.273 / diff / nxr@1.273
src/distrib/utils/embedded/conf/evbarm.conf@1.42 / diff / nxr@1.42
src/distrib/utils/embedded/conf/evbmips.conf@1.4 / diff / nxr@1.4
src/distrib/utils/embedded/conf/riscv.conf@1.2 / diff / nxr@1.2
src/distrib/utils/embedded/conf/usermode.conf@1.7 / diff / nxr@1.7
src/distrib/utils/embedded/conf/x86.conf@1.11 / diff / nxr@1.11
src/etc/rc.d/Makefile@1.118 / diff / nxr@1.118
src/etc/rc.d/certctl_init@1.1 / diff / nxr@1.1
src/distrib/evbarm/liveimage/armimage/rc.conf.armimage@1.2 / diff / nxr@1.2
src/distrib/sets/lists/etc/mi@1.273 / diff / nxr@1.273
src/distrib/utils/embedded/conf/evbarm.conf@1.42 / diff / nxr@1.42
src/distrib/utils/embedded/conf/evbmips.conf@1.4 / diff / nxr@1.4
src/distrib/utils/embedded/conf/riscv.conf@1.2 / diff / nxr@1.2
src/distrib/utils/embedded/conf/usermode.conf@1.7 / diff / nxr@1.7
src/distrib/utils/embedded/conf/x86.conf@1.11 / diff / nxr@1.11
src/etc/rc.d/Makefile@1.118 / diff / nxr@1.118
src/etc/rc.d/certctl_init@1.1 / diff / nxr@1.1
/etc/rc.d/cerctl_init: New script for certctl rehash in live images.
This is very limited -- it does not supplant postinstall to rehash
certificates on upgrade; it only runs certctl rehash if
/etc/openssl/certs is an empty directory, as you get in live images
not created with sysinst.
We could also have a more general-purpose way to run postinstall(8)
on first boot of an image, but that has a lot more moving parts to
think about, so let's start with this limited-scope low-risk
approach.
PR install/57629
XXX pullup-10
This is very limited -- it does not supplant postinstall to rehash
certificates on upgrade; it only runs certctl rehash if
/etc/openssl/certs is an empty directory, as you get in live images
not created with sysinst.
We could also have a more general-purpose way to run postinstall(8)
on first boot of an image, but that has a lot more moving parts to
think about, so let's start with this limited-scope low-risk
approach.
PR install/57629
XXX pullup-10
MAIN commitmail json YAML
sys/sleepq.h: Fix more syncobj_t creep.
MAIN commitmail json YAML
sys/lwp.h: Oops -- l_syncobj needs const now.
MAIN commitmail json YAML
sys/lwp.h: Revert unnecessary style- and build-breaking change.
Broke the clang builds because of duplicate syncobj_t definitions.
Just use `struct syncobj'; the `syncobj_t' alias causes more trouble
than it's worth -- KNF now advises against it and I see no compelling
reason to make an exception here.
Broke the clang builds because of duplicate syncobj_t definitions.
Just use `struct syncobj'; the `syncobj_t' alias causes more trouble
than it's worth -- KNF now advises against it and I see no compelling
reason to make an exception here.
MAIN commitmail json YAML
sbmips/systemsw.h: sys/stdbool.h for bool.
XXX sys/types.h should bring this in too, but that doesn't happen in
the crash(8) build, perhaps because sys/types.h only includes
sys/stdbool.h under _KERNEL or _STANDALONE but not _KMEMUSER -- maybe
we should fix that but this is a lower-risk change for now to fix a
build problem.
Found by Jan-Benedict Glaw.
XXX sys/types.h should bring this in too, but that doesn't happen in
the crash(8) build, perhaps because sys/types.h only includes
sys/stdbool.h under _KERNEL or _STANDALONE but not _KMEMUSER -- maybe
we should fix that but this is a lower-risk change for now to fix a
build problem.
Found by Jan-Benedict Glaw.
MAIN commitmail json YAML
Revert "Teach zfs bdevsw to do b_psize."
This is used only by dump and swap, which won't work safely on zvols
anyway. We should make swap work eventually, but right now it's
leading unwary ussers into deadlock scenarios, so let's make it fail
early instead.
This is used only by dump and swap, which won't work safely on zvols
anyway. We should make swap work eventually, but right now it's
leading unwary ussers into deadlock scenarios, so let's make it fail
early instead.
MAIN commitmail json YAML
Revert "once(9): Assert sleepable in RUN_ONCE, unconditionally."
This would be nice but it'll break too many things for the moment.
This would be nice but it'll break too many things for the moment.
MAIN commitmail json YAML
solaris: Use pool_cache_reclaim, not pool_cache_invalidate.
pool_cache_invalidate invalidates cached objects, but doesn't return
any backing pages to the underlying page allocator.
pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing
pages to the underlying page alloator, so it is actually useful for
the page daemon to do when trying to free memory.
PR kern/57558
XXX pullup-10
XXX pullup-9
XXX pullup-8 (by patch to kmem.h instead of kmem.c)
pool_cache_invalidate invalidates cached objects, but doesn't return
any backing pages to the underlying page allocator.
pool_cache_reclaim does pool_cache_invalidate _and_ reutrns backing
pages to the underlying page alloator, so it is actually useful for
the page daemon to do when trying to free memory.
PR kern/57558
XXX pullup-10
XXX pullup-9
XXX pullup-8 (by patch to kmem.h instead of kmem.c)
MAIN commitmail json YAML
once(9): Assert sleepable in RUN_ONCE, unconditionally.
Otherwise there's a good chance we'll never exercise many paths that
call RUN_ONCE when it's not sleepable, just because it's already been
done in a sleepable context before.
Otherwise there's a good chance we'll never exercise many paths that
call RUN_ONCE when it's not sleepable, just because it's already been
done in a sleepable context before.
MAIN commitmail json YAML
Makefile: Run `postinstall -d /', not `postinstall -d //'.
This happens when doing `build.sh install=/'. The message is less
confusing and it makes postinstall's job simpler for detecting when
it's installing to / rather than somewhere else.
This happens when doing `build.sh install=/'. The message is less
confusing and it makes postinstall's job simpler for detecting when
it's installing to / rather than somewhere else.
MAIN commitmail json YAML
sysinst(1): Run `certctl rehash' on fresh installs.
It has come to my attention that sysinst does not, in fact, run
postinstall(8) post-install -- only post-upgrade.
Perhaps we should change this so that postinstall serves the purpose
it says on the box -- make postinstall mandatory for new
installations.
XXX pullup-10
It has come to my attention that sysinst does not, in fact, run
postinstall(8) post-install -- only post-upgrade.
Perhaps we should change this so that postinstall serves the purpose
it says on the box -- make postinstall mandatory for new
installations.
XXX pullup-10
MAIN commitmail json YAML
pam_ksu(8): Allow homedir access during kuserok.
Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.
(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)
I reviewed libkrb5 for homedir access checks. There are three:
1. krb5_config_parse_file_multi, called only by:
- verify_krb5_conf -- not relevant
- krb5_config_parse_file -- not used here as far as I can tell,
only by libhdb ldap logic and test code in heimdal
- krb5_set_config_files -- used here only via krb5_init_context,
which is done at this point
2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
which shouldn't be happening at this point, so this is almost
certainly unreachable; also it only appears to control whether
some old plugin API can be used, long after we have read the krb5
config controlling which plugins are available, so this is
probably harmless
3. krb5_kuserok, which is the one we want to allow
Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.
XXX pullup-10
XXX pullup-9
XXX pullup-8
Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.
(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)
I reviewed libkrb5 for homedir access checks. There are three:
1. krb5_config_parse_file_multi, called only by:
- verify_krb5_conf -- not relevant
- krb5_config_parse_file -- not used here as far as I can tell,
only by libhdb ldap logic and test code in heimdal
- krb5_set_config_files -- used here only via krb5_init_context,
which is done at this point
2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
which shouldn't be happening at this point, so this is almost
certainly unreachable; also it only appears to control whether
some old plugin API can be used, long after we have read the krb5
config controlling which plugins are available, so this is
probably harmless
3. krb5_kuserok, which is the one we want to allow
Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.
XXX pullup-10
XXX pullup-9
XXX pullup-8
MAIN commitmail json YAML
src/crypto/external/bsd/heimdal/lib/Makefile@1.3
/
diff
/
nxr@1.3
src/crypto/external/bsd/heimdal/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/crypto/external/bsd/netpgp/lib/Makefile@1.18 / diff / nxr@1.18
src/crypto/external/bsd/netpgp/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/atf/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/atf/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/elftoolchain/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/elftoolchain/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/libevent/lib/Makefile@1.5 / diff / nxr@1.5
src/external/bsd/libevent/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/openldap/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/openldap/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/lib/Makefile@1.297 / diff / nxr@1.297
src/crypto/external/bsd/heimdal/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/crypto/external/bsd/netpgp/lib/Makefile@1.18 / diff / nxr@1.18
src/crypto/external/bsd/netpgp/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/atf/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/atf/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/elftoolchain/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/elftoolchain/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/libevent/lib/Makefile@1.5 / diff / nxr@1.5
src/external/bsd/libevent/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/external/bsd/openldap/lib/Makefile@1.3 / diff / nxr@1.3
src/external/bsd/openldap/lib/Makefile.subdir@1.1 / diff / nxr@1.1
src/lib/Makefile@1.297 / diff / nxr@1.297
lib: Handle various external lib directories with build_install.
This way, update builds track shlib major bumps correctly.
For example, suppose you had built Heimdal's libkrb5.so.27 and
libgssapi.so.11 linked against it, and then you updated past the recent
shlib major bump raising them to libkrb5.so.28 and libgssapi.so.12.
Without this change, the build will make the following sequence of
targets (interleaved with some others):
1. make dependall in libkrb5
2. make dependall in libgssapi
3. make install in libkrb5
4. make install in libgssapi
The existing .WAIT tags in SUBDIR ensure that (1) happens before (2)
and (3) happens before (4). Unfortunately, this sequence is wrong,
because it will produce the following effect:
1. make dependall in libkrb5 builds libkrb5.so.28
2. make dependall in libgssapi builds libgssapi.so.12, linked against
libkrb5.so.27
3. make install in libkrb5 installs libkrb5.so.28
4. make install in libgssapi installs libgssapi.so.12
Why the out-of-date libkrb5.so.27 in step (2)? Because we just pass
-L${DESTDIR}/usr/lib -lkrb5 to the linker (or the equivalent with
--sysroot and implied -L/usr/lib), and ${DESTDIR}/usr/lib still has
only libkrb5.so.27 by the time of step (2), not libkrb5.so.28.
Now any applications that link against libkrb5.so _and_ libgssapi.so
will get libkrb5.so.28 and libgssapi.so.12 -- but transitively, via
libgssapi.so.12, they will also get libkrb5.so.27, which is a recipe
for disaster.
Splicing the Heimdal library subdirectories into lib/Makefile, as
this does, ensures that we run make dependall _and_ make install in
libkrb5 _before_ make dependall in libgssapi, giving the following
correct sequence:
1. make dependall in libkrb5 builds libkrb5.so.28
2. make install in libkrb5 installs libkrb5.so.28
3. make dependall in libgssapi builds libgssapi.so.12, linked against
libkrb5.so.28
4. make install in libgssapi installs libgssapi.so.12
Note that LIBDPLIBS isn't enough here, as implemented. LIBDPLIBS
ensures that the incremental build will remake libgssapi.so. But it
doesn't ensure that the new libkrb5.so.28 is available before then,
so it doesn't prevent this problem.
We use the same mechanism for crypto/external/bsd/openssl/lib
already; this just extends it to other external library collections.
As an alternative, in principle perhaps we could teach LIBDPLIBS to
ensure that libkrb5.so comes out of the libkrb5 objdir, and not out
of ${DESTDIR}/usr/lib. But that requires some work to make happen,
and make it reliable, whereas this approach we've already confirmed
works without other adverse consequences (besides leaving
grody-looking mechanism lying around) for the libcrypto major bump
already. We need to get this pulled up to the branch so all the
other major bumps it required are handled correctly by update builds.
XXX pullup-10
This way, update builds track shlib major bumps correctly.
For example, suppose you had built Heimdal's libkrb5.so.27 and
libgssapi.so.11 linked against it, and then you updated past the recent
shlib major bump raising them to libkrb5.so.28 and libgssapi.so.12.
Without this change, the build will make the following sequence of
targets (interleaved with some others):
1. make dependall in libkrb5
2. make dependall in libgssapi
3. make install in libkrb5
4. make install in libgssapi
The existing .WAIT tags in SUBDIR ensure that (1) happens before (2)
and (3) happens before (4). Unfortunately, this sequence is wrong,
because it will produce the following effect:
1. make dependall in libkrb5 builds libkrb5.so.28
2. make dependall in libgssapi builds libgssapi.so.12, linked against
libkrb5.so.27
3. make install in libkrb5 installs libkrb5.so.28
4. make install in libgssapi installs libgssapi.so.12
Why the out-of-date libkrb5.so.27 in step (2)? Because we just pass
-L${DESTDIR}/usr/lib -lkrb5 to the linker (or the equivalent with
--sysroot and implied -L/usr/lib), and ${DESTDIR}/usr/lib still has
only libkrb5.so.27 by the time of step (2), not libkrb5.so.28.
Now any applications that link against libkrb5.so _and_ libgssapi.so
will get libkrb5.so.28 and libgssapi.so.12 -- but transitively, via
libgssapi.so.12, they will also get libkrb5.so.27, which is a recipe
for disaster.
Splicing the Heimdal library subdirectories into lib/Makefile, as
this does, ensures that we run make dependall _and_ make install in
libkrb5 _before_ make dependall in libgssapi, giving the following
correct sequence:
1. make dependall in libkrb5 builds libkrb5.so.28
2. make install in libkrb5 installs libkrb5.so.28
3. make dependall in libgssapi builds libgssapi.so.12, linked against
libkrb5.so.28
4. make install in libgssapi installs libgssapi.so.12
Note that LIBDPLIBS isn't enough here, as implemented. LIBDPLIBS
ensures that the incremental build will remake libgssapi.so. But it
doesn't ensure that the new libkrb5.so.28 is available before then,
so it doesn't prevent this problem.
We use the same mechanism for crypto/external/bsd/openssl/lib
already; this just extends it to other external library collections.
As an alternative, in principle perhaps we could teach LIBDPLIBS to
ensure that libkrb5.so comes out of the libkrb5 objdir, and not out
of ${DESTDIR}/usr/lib. But that requires some work to make happen,
and make it reliable, whereas this approach we've already confirmed
works without other adverse consequences (besides leaving
grody-looking mechanism lying around) for the libcrypto major bump
already. We need to get this pulled up to the branch so all the
other major bumps it required are handled correctly by update builds.
XXX pullup-10
MAIN commitmail json YAML
postinstall(8): Modify default certs.conf.
When manually configured /etc/openssl/certs is detected, just
uncomment the `#manual' line in the default certs.conf rather than
writing a new one. That way, you can switch to certctl-managed and
still get the default path by just deleting /etc/openssl/certs and
re-commenting the `manual' line.
When manually configured /etc/openssl/certs is detected, just
uncomment the `#manual' line in the default certs.conf rather than
writing a new one. That way, you can switch to certctl-managed and
still get the default path by just deleting /etc/openssl/certs and
re-commenting the `manual' line.
MAIN commitmail json YAML
src/external/bsd/atf/lib/libatf-c++/shlib_version@1.4
/
diff
/
nxr@1.4
src/external/bsd/atf/lib/libatf-c/shlib_version@1.2 / diff / nxr@1.2
src/external/bsd/jemalloc/lib/shlib_version@1.2 / diff / nxr@1.2
src/external/bsd/lutok/lib/liblutok/shlib_version@1.4 / diff / nxr@1.4
src/external/bsd/unbound/lib/libunbound/shlib_version@1.5 / diff / nxr@1.5
src/external/mit/lua/lib/liblua/shlib_version@1.5 / diff / nxr@1.5
src/lib/libexecinfo/shlib_version@1.2 / diff / nxr@1.2
src/external/bsd/atf/lib/libatf-c/shlib_version@1.2 / diff / nxr@1.2
src/external/bsd/jemalloc/lib/shlib_version@1.2 / diff / nxr@1.2
src/external/bsd/lutok/lib/liblutok/shlib_version@1.4 / diff / nxr@1.4
src/external/bsd/unbound/lib/libunbound/shlib_version@1.5 / diff / nxr@1.5
src/external/mit/lua/lib/liblua/shlib_version@1.5 / diff / nxr@1.5
src/lib/libexecinfo/shlib_version@1.2 / diff / nxr@1.2
*/shlib_version: Ensure a boring line between RCS id and all else.
This makes cherry-picks easier by avoiding conflicts between the RCS
id and the interesting changes.
This makes cherry-picks easier by avoiding conflicts between the RCS
id and the interesting changes.
MAIN commitmail json YAML
src/distrib/sets/lists/base/shl.mi@1.971
/
diff
/
nxr@1.971
src/distrib/sets/lists/debug/shl.mi@1.332 / diff / nxr@1.332
src/libexec/httpd/libbozohttpd/shlib_version@1.2 / diff / nxr@1.2
src/libexec/httpd/lua/shlib_version@1.2 / diff / nxr@1.2
src/distrib/sets/lists/debug/shl.mi@1.332 / diff / nxr@1.332
src/libexec/httpd/libbozohttpd/shlib_version@1.2 / diff / nxr@1.2
src/libexec/httpd/lua/shlib_version@1.2 / diff / nxr@1.2
libbozohttpd, libluabozohttpd: Bump major for libssl.so bump.
libluabozohttpd doesn't appear to be installed, but let's bump the
major just in case.
PR lib/57603
XXX pullup-10
libluabozohttpd doesn't appear to be installed, but let's bump the
major just in case.
PR lib/57603
XXX pullup-10
MAIN commitmail json YAML
sys/param.h: Welcome to 10.99.8!
Courtesy of nestable heartbeat_suspend/resume, which changed struct
cpu_info.
Courtesy of nestable heartbeat_suspend/resume, which changed struct
cpu_info.