Destroy ifq_lock at the end of if_detach

It still can be used in if_detach.

(ozaki-r)

Avoid panic while detaching xhci. The xhci driver has both sc_child and
sc_child2 but xhci_childdet() only supported sc_child. OK'd by Nick.

(msaitoh)

Make wm(4) watchdog MP-safe. There is almost no influence on performance.

wm(4) does not use ifp->if_watchdog now, that is, it does not touch
ifp->if_timer.
It also uses own callout(wm_tick) as watchdog now. The watchdog uses
per-queue counter to check timeout. So, global lock is not required.

(knakahara)

Apply C99-style struct initialization to syncobj_t

(ozaki-r)

Fix issues with trie implementation.  Now passes the locale tests when __STDC_ISO_10646__ is defined, with the exception of tests requiring LC_COLLATE support.

(perseant)

more cleanup (don't allow oldlenp == NULL)

(christos)

Ticket #1557

(martin)

Pull up following revision(s) (requested by maxv in ticket #1557):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Ticket #1557

(martin)

Pull up following revision(s) (requested by maxv in ticket #1557):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Ticket #1557

(martin)

Pull up following revision(s) (requested by maxv in ticket #1557):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

remove some leftover references to ki2c in comments
no functional change

(macallan)

Ticket #1521

(martin)

Pull up following revision(s) (requested by maxv in ticket #1521):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Ticket #1521

(martin)

Pull up following revision(s) (requested by maxv in ticket #1521):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Ticket #1521

(martin)

Pull up following revision(s) (requested by maxv in ticket #1521):
sys/netipsec/xform_ah.c: revision 1.76
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Cosmetics: fix the order of calloc() arguments.

(martin)

Drop commended out include to a hardcoded path in root's home directory.

(sevan)

Note import of dhcpcd-7.0.1

(roy)

Sync

(roy)

Start cleaning up ip6_input.c. Several pieces of code have evolved but
their neighboring comments were not updated. So update them, and remove
code that has been disabled for years (it has no use anyway).

(maxv)

Style, and use __cacheline_aligned.

By the way, it would be nice to revisit the use of 'ip6flow_lock' in
ip6flow_fastforward(): it is taken right away because of 'ip6flow_inuse',
but then we perform several checks that do not require it.

(maxv)

style

(maxv)

Fix two pretty bad mistakes. If ipsec6_check_policy fails m is not freed,
and a 'goto out' is missing after ipsec6_process_packet.

(maxv)

Fix unmatched return type. The return value of wm_txeof() is not useded yet.

(knakahara)

One more from christos@

No need to initialize fill_func

(pgoyette)

Fix if_wm.c:r1.557 merge miss, sorry.

(knakahara)

More simplification, this time from ozaki-r@

No need to break after return.

(pgoyette)

Simplify, from christos@

(pgoyette)

Use existing fill_[pd]rlist() functions to calculate size of buffer to
allocate, rather than relying on an arbitrary length passed in from
userland.

Allow copyout() of partial results if the user buffer is too small, to
be consistent with the way sysctl(3) is documented.

Garbage-collect now-unused third parrameter in the fill_[pd]rlist()
functions.

As discussed on IRC.
OK kamil@ and christos@

XXX Needs pull-up to netbsd-8 branch.

(pgoyette)

- don't return ENOMEM for errors not related to memory
- don't overload return values (-error/+size)
- don't allocate kernel memory from user supplied length.

(christos)

Enable CPU frequency scaling and thermal sensors.

(jmcneill)

Add support for H5 simple framebuffer, CPUX clocks, R_I2C controller, SID
controller, and thermal sensors.

(jmcneill)

Add support for H5 CPU and GPU thermal sensors.

(jmcneill)

Allow set_voltage/get_voltage to succeed on a fixed regulator so long as
the requested range overlaps with the fixed rate defined in the devicetree.

(jmcneill)

CID-1428671: Unchecked malloc/strdup

(christos)

CID-1428670: Uncheck malloc

(christos)

Compute Core/SMT-IDs for AMD family 17h (Ryzen).

(mlelstv)

CPUID tells the ApicIdCoreIdSize in bits.

(mlelstv)

add an annotation.

(christos)

CID-1428639: make sure we always initialiaze hash, because if ultimately
the file is not found and we end up looping we need them.

(christos)

Check for undefined behaviour when doing right-shift.

(mlelstv)

Fix copy paste error. from coverity.

(maya)

Don't print an error when we find a CIS tuple code in the vendor-unique
range (80h-8Fh).

(jmcneill)

Replace CRTC register values with ones taken from sys/dev/ic/vga_subr.c.

This fixes noise around column 3 and 4 and makes screen output clearer
on Milan with S3 Trio64V.

(tsutsui)

Use a protocol-agnostic URL (don't degrade HTTPS->HTTP)

Suggested by Travis Paul in PR bin/52958.

(maya)

Prevent use-after-free where genfs_node_destroy() would destroy
a lock residing in the just freed inode data.

(hannken)

Make sure inode blocks and size are zero when VOP_INACTIVE()
finalises a now unlinked inode.
Counterpart of the check in ffs_newvnode().

(hannken)

Make the console framebuffer visible when polling mode console input is used.

(jandberg)

Shrink ramdisk to fit INSTALL kernel within 5MB:
- drop shutdown
- replace disklabel, fsck_ffs, and newfs with stripped-down versions

(rin)

explain how to allow coverity to use sysroot

(christos)

apply the change from arch/x86/x86/pmap.c rev. 1.266 commitid vZRjvmxG7YTHLOfA:

In pmap_enter_ma(), only try to allocate pves if we might need them,
and even if that fails, only fail the operation if we later discover
that we really do need them.  If we are replacing an existing mapping,
reuse the pv structure where possible.

This implements the requirement that pmap_enter(PMAP_CANFAIL) must not fail
when replacing an existing mapping with the first mapping of a new page,
which is an unintended consequence of the changes from the rmind-uvmplock
branch in 2011.

The problem arises when pmap_enter(PMAP_CANFAIL) is used to replace an existing
pmap mapping with a mapping of a different page (eg. to resolve a copy-on-write).
If that fails and leaves the old pmap entry in place, then UVM won't hold
the right locks when it eventually retries.  This entanglement of the UVM and
pmap locking was done in rmind-uvmplock in order to improve performance,
but it also means that the UVM state and pmap state need to be kept in sync
more than they did before.  It would be possible to handle this in the UVM code
instead of in the pmap code, but these pmap changes improve the handling of
low memory situations in general, and handling this in UVM would be clunky,
so this seemed like the better way to go.

This somewhat indirectly fixes PR 52706 on the remaining platforms where
this problem existed.

(chs)

Recent changes have increased the number of "things" the bootloader
needs to deal with.  Increase the table size so we don't overflow.

(pgoyette)

Update amdzentemp(4) attachment info.  Also for ALL, remove duplicate
entry for amdtemp(4).

(pgoyette)

Update attachment info - amdtemp(4) attaches to amdnb_miscbus attribute

(pgoyette)

Update attachment details for amdzentemp - it attaches to amdsmnbus? now.

(pgoyette)

rescan amdsmnbus instead of amdsmn (fixes panic)

(kardel)

Remove trailing whitespace and Tn macro.

(wiz)

Declare INTR_RECURSE_HWFRAME, same as amd64.

(maxv)

style

(maxv)

Put the default %cs value in INTR_RECURSE_HWFRAME. Pushing an immediate
costs less than reading the %cs register and pushing its value. This
value is not allowed to be != GSEL(GCODE_SEL,SEL_KPL) in all cases.

(maxv)

Declare and use INTR_RECURSE_ENTRY, an optimized version of INTRENTRY.
When processing deferred interrupts, we are always entering the new
handler in kernel mode, so there is no point performing the userland
checks.

Saves several instructions.

(maxv)

Use testb, faster.

(maxv)

Fix issue with audio being downpitched, thanks to <nat>

"it seems that snapper_init should be called before audio_attach_mi, as snapper
init is setting the rate to 44100 after the hardware format has been configured
by audio_attach_mi.

audio_attach_mi should be the last thing called during an attach of an audio
device so the audio device is ready to be configured when audio_attach_mi is
called."

Resolves PR port-macppc/52949

(sevan)

SMAP on i386.

(maxv)

Apply RTL8211E "no-tx-delay" workaround to NanoPi NEO Plus2 boards as well.

(jmcneill)

Fix more printf format strings for mfspr() (hi mrg).

(flxd)

Add SMAP support for i386.

(maxv)

Remove DO_DEFERRED_SWITCH and DO_DEFERRED_SWITCH_RETRY, unused.

(maxv)

Use .pushsection (like amd64), and align INTRENTRY.

(maxv)

Remove these files. No one cares about this on i386, and there is no
point in keeping undocumented options nobody understands anyway.

(maxv)

Sync with amd64, in particular, add END() markers, don't fall through
functions, narrow the copy windows, and remove suword.

(maxv)

Need strings.h for ffs()
Resolves implict declaration warning of ffs() when building tools via build.sh

(sevan)

Need strings.h for ffs()

(sevan)

use the intermediate bus

(christos)

provide an intermediate "bus" for the module and to be the same structure
like amdtemp

(christos)

remove useless KASSERT.

(christos)

Fix typo in previous.  mea culpa, mea culpa, mea maxima culpa

(pgoyette)

sc->sc_sensor cannot be NULL since it was just allocated with KM_SLEEP
(which cannot fail).  So remove the NULL-check.  CID/1428644

(pgoyette)

Ensure that dev is not NULL - CID/1428649

(pgoyette)

Bounds checking - CID/1428650

(pgoyette)

Unitialized variable - CID/1428657

(pgoyette)

Note tickets #508, #510, #511 and #512

(martin)

Pull up following revision(s) (requested by maxv in ticket #512):
sys/netipsec/xform_ah.c: revision 1.75
sys/netipsec/xform_ah.c: revision 1.76
Revert a part of rev1.49 (six months ago). The pointer given to memcpy
was correct.
Discussed with Christos and Ryota.
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.

(martin)

Another try fixing printf format using the ultimate uintmax_t idiom.

(flxd)

Fix 82574 MSI-X mode cannot receive packets after 82574 receives high rate traffic.

In short, 82574 MSI-X mode does not cause RXQ MSI-X vector when 82574's
phys FIFO overflows. I don't know why but 82574 causes not RXQ MSI-X vector
but OTHER MSI-X vector at the situation.
see:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v4.15-rc9&id=4aea7a5c5e940c1723add439f4088844cd26196d

advised by msaitoh@n.o, thanks.

(knakahara)

Pull up following revision(s) (requested by ozaki-r in ticket #511):
sys/kern/kern_timeout.c: revision 1.54
sys/netinet6/nd6_nbr.c: revision 1.141
sys/netinet6/nd6_nbr.c: revision 1.144
sys/netinet/if_arp.c: revision 1.256
Fix a deadlock on callout_halt of nd6_dad_timer
We must not call callout_halt of nd6_dad_timer with holding nd6_dad_lock because
the lock is taken in nd6_dad_timer. Once softnet_lock goes away, we can pass the
lock to callout_halt, but for now we cannot.
Make DAD destructions (MP-)safe with callout_stop
arp_dad_stoptimer and nd6_dad_stoptimer can be called with or without
softnet_lock held and unfortunately we have no easy way to statically know which.
So it is hard to use callout_halt there.
To address the situation, we use callout_stop to make the code safe. The new
approach copes with the issue by delegating the destruction of a callout to
callout itself, which allows us to not wait the callout to finish. This can be
done thanks to that DAD objects are separated from other data such as ifa.
The approach is suggested by riastradh@
Proposed on tech-kern@ and tech-net@
Sanity-check if interlock is held when it's passed

(martin)

Remove Tn. Mention first NetBSD release.

(wiz)

A few fixes:

* Style.

* Don't add M_PKTHDR manually, that's absolutely forbidden. Add a
  KASSERT to make sure it's already there.

* Add a missing NULL check after m_pullup.

(maxv)

Add etherip, so that we at least know it exists on amd64.

(maxv)

Zero out the scratch value in the UTLS page during context switches. We
temporarily put %rax there when processing syscalls, and we wouldn't
want the new lwp to see the %rax value of the previous lwp.

(maxv)

Pull up following revision(s) (requested by sevan in ticket #510):
sys/arch/sun3/conf/GENERIC3X: revision 1.130
sys/arch/sparc64/conf/GENERIC: revision 1.203
sys/arch/news68k/conf/LIBERO: revision 1.66
sys/arch/amiga/conf/DRACO: revision 1.185
sys/arch/evbarm/conf/MV2120: revision 1.35
sys/arch/x68k/conf/GENERIC: revision 1.187
sys/arch/rs6000/conf/GENERIC: revision 1.39
sys/arch/news68k/conf/GENERIC_TINY: revision 1.86
sys/arch/i386/conf/XEN3_DOMU: revision 1.88
sys/arch/iyonix/conf/GENERIC: revision 1.97
sys/arch/evbarm64/conf/A64EMUL: revision 1.11
sys/arch/mvme68k/conf/GENERIC: revision 1.98
sys/arch/acorn32/conf/GENERIC: revision 1.124
sys/arch/i386/conf/XEN3_DOM0: revision 1.125
sys/arch/cobalt/conf/INSTALL: revision 1.65
sys/arch/macppc/conf/GENERIC_601: revision 1.16
sys/arch/hppa/conf/GENERIC: revision 1.17
sys/arch/amiga/conf/GENERIC.in: revision 1.137
sys/arch/sgimips/conf/GENERIC32_IP12: revision 1.33
sys/arch/netwinder/conf/GENERIC: revision 1.134
sys/arch/amd64/conf/XEN3_DOMU: revision 1.83
sys/arch/mac68k/conf/GENERIC: revision 1.225
sys/arch/arc/conf/RPC44: revision 1.54
sys/arch/mipsco/conf/GENERIC: revision 1.92
sys/arch/cats/conf/GENERIC: revision 1.166
sys/arch/amd64/conf/XEN3_DOM0: revision 1.145
sys/arch/amigappc/conf/GENERIC: revision 1.33
sys/arch/sun3/conf/GENERIC: revision 1.176
sys/arch/news68k/conf/GENERIC: revision 1.130
sys/arch/hpcsh/conf/GENERIC: revision 1.110
sys/arch/hp300/conf/GENERIC: revision 1.198
sys/arch/atari/conf/GENERIC.in: revision 1.115
sys/arch/sparc/conf/MRCOFFEE: revision 1.54
sys/arch/evbppc/conf/EXPLORA451: revision 1.62
sys/arch/cesfic/conf/GENERIC: revision 1.69
sys/arch/vax/conf/GENERIC: revision 1.204
sys/arch/sgimips/conf/GENERIC32_IP3x: revision 1.115
sys/arch/sgimips/conf/GENERIC32_IP2x: revision 1.112
sys/arch/sparc/conf/GENERIC: revision 1.258
sys/arch/next68k/conf/GENERIC: revision 1.145
sys/arch/evbarm/conf/MMNET_GENERIC: revision 1.34
sys/arch/prep/conf/GENERIC: revision 1.185
sys/arch/amiga/conf/INSTALL: revision 1.129
sys/arch/newsmips/conf/GENERIC: revision 1.133
sys/arch/cobalt/conf/GENERIC: revision 1.156
sys/arch/sun2/conf/GENERIC: revision 1.99
sys/arch/luna68k/conf/INSTALL: revision 1.25
sys/arch/amigappc/conf/NULL: revision 1.53
sys/arch/acorn26/conf/GENERIC: revision 1.85
sys/arch/vax/conf/VAX780: revision 1.25
sys/arch/luna68k/conf/GENERIC: revision 1.125
sys/arch/ews4800mips/conf/GENERIC: revision 1.56
sys/arch/macppc/conf/POWERMAC_G5: revision 1.29
sys/arch/arc/conf/GENERIC: revision 1.189
sys/arch/macppc/conf/MAMBO: revision 1.27
sys/arch/acorn32/conf/EB7500ATX: revision 1.64
sys/arch/pmax/conf/GENERIC: revision 1.196
sys/arch/pmax/conf/GENERIC64: revision 1.28
sys/arch/amiga/conf/GENERIC: revision 1.319
sys/arch/evbarm/conf/MPCSA_GENERIC: revision 1.55
sys/arch/macppc/conf/GENERIC: revision 1.339
sys/arch/emips/conf/GENERIC: revision 1.21
sys/arch/sandpoint/conf/GENERIC: revision 1.97
sys/arch/landisk/conf/GENERIC: revision 1.58
sys/arch/bebox/conf/GENERIC: revision 1.157
sys/arch/alpha/conf/GENERIC: revision 1.379
Alternate buffer queue strategies no longer considered experimental, update
description.
Discussed on tech-kern
http://mail-index.netbsd.org/tech-kern/2018/01/21/msg023002.html

(martin)

Use MH_ALIGN instead, ok knakahara@.

(maxv)

Don't call if_attach, do if_initialize+if_register, otherwise when an
EtherIP packet is received the first KASSERT in if_input() fires.

(maxv)

make this build again.

(christos)

union was removed

(christos)

fix printf format.

(christos)

CID-1427719: Integer handling issues  (BAD_SHIFT). Print bus/slot info
correctly on 82599_SFP_SF_QP(DID 0x154a) and 82599_QSFP_SF_QP(DID 0x1558).

(msaitoh)

Refer softint(9)

(ozaki-r)

Several fixes in L2TP:

* l2tp_input(): use m_copydata, and ensure there is enough space in the
  chain. Otherwise overflow.

* l2tp_tcpmss_clamp(): ensure there is enough space in the chain.

* in_l2tp_output(): don't check 'sc' against NULL, it can't be NULL.

* in_l2tp_input(): no need to call m_pullup since we use m_copydata.
  Just check the space in the chain.

* in_l2tp_input(): if there is a cookie, make sure the chain has enough
  space.

* in6_l2tp_input(): same changes as in_l2tp_input().

Ok knakahara@

(maxv)

Get rid of unnecessary splsoftnet (redo)

Unless NET_MPSAFE, splsoftnet is still needed for rt_* functions.

(ozaki-r)

Revert "Get rid of unnecessary splsoftnet" (v1.133)

It's not always true that softnet_lock is held these places.
See PR kern/52947.

(ozaki-r)

Don't warn about MIPS1 MULTIPROCESSOR in a mips3 file.

(maya)

Update sets lists for new amdsmn(4) and amdzentemp(4) modules

(pgoyette)

Create amdsmn(4) amd amdzentemp(4) modules for X86

(pgoyette)

Modularize the amdsmn(4) driver, and update dependency for amdzentemp(4)

(pgoyette)

mention tzcode2018c

(christos)

Merge tzcode2018c [ changelog with changes to tzdata sections removed ]

Release 2018c - 2018-01-22 23:00:44 -0800

  Changes to build procedure

    The build procedure now works around mawk 1.3.3's lack of support
    for character class expressions.  (Problem reported by Ohyama.)

Release 2018b - 2018-01-17 23:24:48 -0800

  Changes to build procedure

    The distribution now contains the file 'pacificnew' again.
    This file was inadvertantly omitted in the 2018a distribution.
    (Problem reported by Matias Fonzo.)

Release 2018a - 2018-01-12 22:29:21 -0800

  Changes to build procedure

    The default installation locations have been changed to mostly
    match Debian circa 2017, instead of being designed as an add-on to
    4.3BSD circa 1986.  This affects the Makefile macros TOPDIR,
    TZDIR, MANDIR, and LIBDIR.  New Makefile macros TZDEFAULT, USRDIR,
    USRSHAREDIR, BINDIR, ZDUMPDIR, and ZICDIR let installers tailor
    locations more precisely.  (This responds to suggestions from
    Brian Inglis and from Steve Summit.)

    The default installation procedure no longer creates the
    backward-compatibility link US/Pacific-New, which causes
    confusion during user setup (e.g., see Debian bug 815200).
    Use 'make BACKWARD="backward pacificnew"' to create the link
    anyway, for now.  Eventually we plan to remove the link entirely.

    tzdata.zi now contains a version-number comment.
    (Suggested by Tom Lane.)

    The Makefile now quotes values like BACKWARD more carefully when
    passing them to the shell.  (Problem reported by Zefram.)

    Builders no longer need to specify -DHAVE_SNPRINTF on platforms
    that have snprintf and use pre-C99 compilers.  (Problem reported
    by Jon Skeet.)

  Changes to code

    zic has a new option -t FILE that specifies the location of the
    file that determines local time when TZ is unset.  The default for
    this location can be configured via the new TZDEFAULT makefile
    macro, which defaults to /etc/localtime.

    Diagnostics and commentary now distinguish UT from UTC more
    carefully; see theory.html for more information about UT vs UTC.

    zic has been ported to GCC 8's -Wstringop-truncation option.
    (Problem reported by Martin Sebor.)

  Changes to documentation and commentary

    The zic man page now documents the longstanding behavior that
    times and years can be out of the usual range, with negative times
    counting backwards from midnight and with year 0 preceding year 1.
    (Problem reported by Michael Deckers.)

    The theory.html file now mentions the POSIX limit of six chars
    per abbreviation, and lists alphabetic abbreviations used.

    The files tz-art.htm and tz-link.htm have been renamed to
    tz-art.html and tz-link.html, respectively, for consistency with
    other file names and to simplify web server configuration.

(christos)

Correct placement of __diagused attribute

(pgoyette)

Put back the variable declaration, too, and mark it __diagused

Otherwise a DIAGNOSTIC kernel will complain about the variable being
undeclared.

(pgoyette)

Correct the plist entry for ./usr/share/man/cat8/acorn32/MAKEDEV.0

This file is obsolete, replace '.cat' with 'obsolete'.

(kamil)

KNF: Put back the blank line following the empty variable declarations

(pgoyette)

Kick zero-sized fragments. We can't allow them to enter; two fragments
could be put at the same offset.

(maxv)

.Li is superfluous inside .Bd -literal

(uwe)

Formatting fixes.

(uwe)

sync with tzcode-2018c

(christos)

Don't call xennet_softstart from hard interrupt; schedule softint.

Fixes panic in bpf_mtap which expects to be called only in softint.

(riastradh)

Use a random opaque cookie, not kva pointer, for nfssvc(2).

(What were they smoking?!)

I suspect most of this is actually dead code that wasn't properly
amputated along with the rest of the gangrene of NFSKERB a decade
ago, but I'm out of time to investigate further.  If someone else
wants to kill NFSSVC_AUTHIN/NFSSVC_AUTHINFAIL and the rest of the
tentacular kerberosity, be my guest.

Noted by Silvio Cesare of InfoSect.

(riastradh)

regen

(sborrill)

Add Marvell Yukon 88E8040T

(sborrill)

Remove outdated comment and fix typo.

(maxv)

Several changes:

* Move the structure definitions into frag6.c, they should not be used
  elsewhere.

* Rename ip6af_mff -> ip6af_more, and switch it to bool, easier to
  understand.

* Remove IP6_REASS_MBUF, no point in keeping this.

* Remove ip6q_arrive and ip6q_nxtp, unused.

* Style.

(maxv)

Unused variable build fix. (now void *aux is unused)

(prlw1)

do boundary checks when writing cursor sprite colour registers

(macallan)

Xref the right driver.  .An -nosplit  Delint.

(uwe)

New sentence - new line.  Sort sections.  Use .Xr to refer to amdtemp(4).

(uwe)

Style, reduce the indentation level when possible, and add a missing NULL
check after M_PREPEND.

(maxv)

style

(maxv)

Add missing article 'a'

(pgoyette)

Fix .Dt name.  Formatting fixes.

(uwe)

Improve wording.

(maxv)

Improve wording, and put a new drawing, from me and Kengo Nakahara.

(maxv)

Revert previous.

obsolete + other tags is not easy to clean up.

(wiz)

Some clean-up on the HISTORY and AUTHORS sections, and addition of a BUGS
section to document the fact that we don't yet handle the required temp
offset, nor do we expose the available thermal-trip value.

(pgoyette)

Added myself.

(yamaguchi)

Add locking.

(christos)

use named initializers

(christos)

Fix another deadlock

When waiting for a route update to finish, a waiter has to release its reference
to the route to avoid a deadlock. Because a updater tries to wait for references
to a target route (except for a reference by the updater itself) to be released.

(ozaki-r)

Abandon unnecessary softint

The softint was introduced to defer fownsignal that was called in bpf_wakeup to
softint at v1.139, but now bpf_wakeup always runs in softint so we don't need
the softint anymore.

(ozaki-r)

man pages for amdsmn and amdzentemp

(christos)

man pages for amdsmn and amdzentemp

(christos)

Add amdzentemp from FreeBSD via Ian Clark

(christos)

add amdzentemp

(christos)

regen

(sevan)

Add Nvidia GeForce FX Go5200, as found in the PowerBook6,4

(sevan)

Remove references to arm26

(skrll)

arm26 is gone.

(skrll)

note to self: OF_getprop() returns -1 on error
now this works properly on sevan's iMac G4

(macallan)

typo, remove extra bracket

(sevan)

style

(maxv)

As I said in my last commit in this file, ipo should be set to NULL;
otherwise the 'local address spoofing' check below is always wrong on
IPv6.

(maxv)

Fix the iteration: IPPROTO_FRAGMENT options are special, in the sense
that they don't have a 'length' field. It is therefore incorrect to
read ip6e.ip6e_len, it contains garbage.

I'm not sure whether this an exploitable vulnerability. Because of this
bug you could theoretically craft 'protoff', which means that you can
have the kernel patch the nxt value at the wrong place once the packet
is decrypted. Perhaps it can be used in some unusual MITM - a router that
happens to be between two IPsec hosts adds a frag6 option in the outer
IPv6 header to trigger the bug in the receiver -, but I couldn't come up
with anything worrying.

(maxv)

ipsec4_fixup_checksum calls m_pullup, so don't forget to do mtod() again,
to prevent use-after-free.

In fact, the m_pullup call is never reached: it is impossible for 'skip'
to be zero in this function, so add an XXX for now.

(maxv)

Note update to tzdata2018c

(kre)

Add missing NULL check. Normally that's not triggerable remotely, since we
are guaranteed that 8 bytes are valid at mbuf+skip.

(maxv)

Merge tzdata2018c

(kre)

Reinforce and clarify.

(maxv)

Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely
crash the kernel with a single packet.

In this loop we need to increment 'ad' by two, because the length field
of the option header does not count the size of the option header itself.

If the length is zero, then 'count' is incremented by zero, and there's
an infinite loop. Beyond that, this code was written with the assumption
that since the IPv6 packet already went through the generic IPv6 option
parser, several fields are guaranteed to be valid; but this assumption
does not hold because of the missing '+2', and there's as a result a
triggerable buffer overflow (write zeros after the end of the mbuf,
potentially to the next mbuf in memory since it's a pool).

Add the missing '+2', this place will be reinforced in separate commits.

(maxv)

Revert a part of rev1.49 (six months ago). The pointer given to memcpy
was correct.

Discussed with Christos and Ryota.

(maxv)

Try to use proper semantic markup.  Fix a few formatting nits.

(uwe)

It's not literal "-options" so use .Ar

(uwe)

sqlite-3.22 out.

(wiz)

Remove macros without effect.

(wiz)

Remove Tn.

(wiz)

Remove Tn. Remove more references to acorn26. Bump date.

(wiz)

ksh: Rename a local function tsearch to mytsearch

This removes a clash with well-known libc function tsearch(3) from POSIX.

This allows to build ksh against MSan.

The new name might not be perfect, but long term ksh should be switched to
the libc version.

Sponsored by <The NetBSD Foundation>

(kamil)

When second keyword is 'obsolete', first one should be foo-obsolete as well.

(wiz)

ksh: Rename a local function tdelete to mytdelete

This removes a clash with well-known libc function tdelete(3) from POSIX.

This allows to build ksh against MSan.

The new name might not be perfect, but long term ksh should be switched to
the libc version.

Sponsored by <The NetBSD Foundation>

(kamil)