SMAP on amd64.

(maxv)

USER_LDT on amd64.

(maxv)

USER_LDT done.

(maxv)

Remove comma after last Nm entry

(abhinav)

Add support for sdio interrupts

(jmcneill)

disable seeprom for now, it seems to trigger random boot failures on my A10 board

(jmcneill)

Fix return value.  fo_kqfilter is expected to return errno on error.
This is the rest of 1.226 (10 years ago).

(isaki)

Fix return value.  fo_poll is expected to return revents on error.

(isaki)

Fix return value.  fo_mmap is expected to return errno on error.

(isaki)

Forbid 64bit entries. That's it, now we support USER_LDT on amd64.

(maxv)

Use labels instead of disassembling *(%rip). intrfastexit is now the
only place where the segregs can fault.

(maxv)

Include opt_user_ldt.h when needed.

(maxv)

Handle by default.

(maxv)

Improve our segregs model. Pass 3/3.

Treat %gs the same way we treat %ds/%es/%fs: restore it in INTRFASTEXIT
on 32bit LWPs.

On Xen however, its behavior does not change, because we need to do an
hypercall before INTR_RESTORE_GPRS, and that's too complicated for now.

As a side effect, this change fixes a bug in the ACPI wakeup code; %fs/%gs
were not restored on 32bit LWPs, and chances are they would segfault
shortly afterwards.

Support for USER_LDT on amd64 is almost complete now.

(maxv)

Create directory for new bwfm firmware to be installed into.

(kre)

Add seeprom(4)

(jmcneill)

match atmel,24c16

(jmcneill)

Fix sun4i platform delay to sleep the requested number of microseconds
instead of the requested number of clock ticks.

(jmcneill)

Add bwfm firmware Makefile

(jmcneill)

Install bwfm(4) firmware.

(jmcneill)

Set maximum supported bwfm_bss_info length

(jmcneill)

Fix an alignment problem with scan results within an escan event

(jmcneill)

add sun4iemac

(jmcneill)

Add driver for sun4i/sun7i 10/100 Fast Ethernet controller (EMAC).

(jmcneill)

actually 0680 uses different chip map func, which doesn't call the function
handing non-independant channels, so don't set IDE_SHARED_CHANNELS for it

(jdolecek)

Initialize the in/out parameter vmin.

vmin is only an optional hint since we're not passing UVM_FLAG_FIXED,
but that doesn't mean we should use uninitialized stack garbage as
the hint.

Noted by chs@.

(riastradh)

Carve out KVA for execargs on boot from an exec_map like we used to.

Candidate fix for PR kern/45718: `processes sometimes get stuck and
spin in vm_map', a problem that has been plaguing all our 32-bit
ports for years.

Since we currently use large (256k) buffers for execargs, and since
nobody has stepped up to tackle breaking them into bite-sized (or at
least page-sized) chunks, after KVA gets sufficiently fragmented we
can't allocate new execargs buffers from kernel_map.

Until 2008, we always carved out KVA for execargs on boot with a uvm
submap exec_map of kernel_map.  Then ad@ found that the uvm_km_free
call, to discard them when done, cost about 100us, which a pool
avoided:

https://mail-index.NetBSD.org/tech-kern/2008/06/25/msg001854.html
https://mail-index.NetBSD.org/tech-kern/2008/06/26/msg001859.html

ad@ _simultaneously_ introduced a pool _and_ eliminated the reserved
KVA in the exec_map submap.  This change preserves the pool, but
restores exec_map (with less code, by putting it in MI code instead
of copying it in every MD initialization routine).

Patch proposed on tech-kern:
https://mail-index.NetBSD.org/tech-kern/2017/10/19/msg022461.html

Patch tested by bouyer@:
https://mail-index.NetBSD.org/tech-kern/2017/10/20/msg022465.html

I previously discussed the issue on tech-kern before I knew of the
history around exec_map:
https://mail-index.NetBSD.org/tech-kern/2012/12/09/msg014695.html

The candidate workaround I proposed of using pool_setlowat to force
preallocation of KVA would also force preallocation of physical RAM,
which is a waste not incurred by using exec_map, and which is part of
why I never committed it.

There may remain a general problem that if thread A calls pool_get
and tries to service that request by a uvm_km_alloc call that hangs
because KVA is scarce, and thread B does pool_put, the pool_put in
thread B will not notify the pool_get in thread A that it doesn't
need to wait for KVA, and so thread A may continue to hang in
uvm_km_alloc.  However,

(a) That won't apply here, because there is exactly as much KVA
available in exec_map as exec_pool will ever try to use.

(b) It is possible that may not even matter in other cases as long as
the page daemon eventually tries to shrink the pool, which will cause
a uvm_km_free that can unhang the hung uvm_km_alloc.

XXX pullup-8
XXX pullup-7
XXX pullup-6
XXX pullup-5, perhaps...

(riastradh)

Make check_exec() errors print the name of the binary that fails to
execute.

(martin)

regen

(christos)

update entry for Marvel Yukon 8058, and fix URL for pci ids (Rocky Hotas)

(christos)

On I219, drop TARC0 bit 28 for DMA hang workaround (from Linux).

(msaitoh)

No functional change:
- Simplify ifmedia_removeall using with ifmedia_delete_instance(IFM_INST_ANY).
- KNF.

(msaitoh)

move ata_queue_alloc(1) and ata_queue_free() calls to ata_channel_init()
and ata_channel_destroy() respectively, to make attachment code simpler,
and to make it easier to spot special queue manipulation like cmdide(4)

on topic of PR kern/52606

(jdolecek)

Add test cases for one SP with multiple SAs

These are for a bug reported recently which modifies SPs accidentally.

(ozaki-r)

Suppress name resolution

(ozaki-r)

Fix incomplete SP setups

(ozaki-r)

Show packet counters

(ozaki-r)

add bwfm

(jmcneill)

Add bwfm

(jmcneill)

Add driver for Broadcom 802.11a/b/g/n/ac USB wireless devices, based on
the OpenBSD bwfm(4) driver.

(jmcneill)

regen

(jmcneill)

Add USB IDs for Broadcom BCM43236, BCM43143, BCM43242, and BCM43569 USB
wireless devices.

(jmcneill)

more detailed debug info; also sync DEBUG_* values in wd.c with ata.c

(jdolecek)

Use cmpw.

(maxv)

replace the chek for the shared channel of cmdide(4) a flag of the
product array, rather than switch inside attach routine

XXX judging from product name, Silicon Image 0680 might be newer than 0649
XXX and hence have actually independant channels, but I don't have the hw
XXX so keeping as-is

no functional change, just to improve visibility in course of fixing
PR kern/52606

(jdolecek)

Improve our segregs model. Pass 2/3.

Treat %fs the same way we treat %ds and %es. For a new 32bit LWP %fs is
set to GUDATA32_SEL, and always updated in INTRFASTEXIT.

This solves an important issue we had until now: we couldn't handle the
faults generated by the "movw $val,%fs" instructions, because they were
deep into the kernel context. Now %fs can fault only in INTRFASTEXIT,
which is safe.

Note that it also fixes a bug I believe affected the kernel: on AMD CPUs,
setting %fs to zero does not flush the internal register state, and
therefore we could leak the %fs base address when context-switching. This
being said, I couldn't trigger the issue on the AMD cpu I have. Whatever,
it's fixed now, since we first set %fs to GUDATA32 - which does flush the
register state.

(maxv)

Improve our segregs model. Pass 1/3.

Right now, we are saving and restoring %ds/%es each time we enter/leave the
kernel. However, we let %fs/%gs live in the kernel space, and we rely on
the fact that when switching to an LWP, %fs/%gs are set right away (via
cpu_switchto or setregs).

It has two drawbacks: we are taking care of %ds/%es while they are
deprecated (useless) on 64bit LWPs, and we are restricting %fs/%gs while
they still have a meaning on 32bit LWPs.

Therefore, handle 32bit and 64bit LWPs differently:
* 64bit LWPs use fixed segregs, which are not taken care of.
* 32bit LWPs have dynamic segregs, always saved/restored.

For now, only %ds and %es are changed; %fs and %gs will be in the next
passes.

The trapframe is constructed as usual. In INTRFASTEXIT, we restore %ds/%es
depending on the %cs value. If %cs contains one of the two standard 64bit
selectors, don't do anything. Otherwise, restore everything.

When doing a context switch, just restore %ds/%es to their default values.
On a 32bit LWP they will be overwritten by INTRFASTEXIT; on a 64bit LWP
they won't be updated.

In the ACPI wakeup code, restore %ds/%es to the default 64bit user value.

(maxv)

Don't call tegra_pcie_reset_port for now - it makes tk1 re @ pci not work

(skrll)

fix l2tp panic when l2tp session id is changed (same as if_vlan.c:r1.104)

E.g. the following operation causes this panic.
    ====================
    # ifconfig l2tp0 create
    # ifconfig l2tp0 session 140 140
    # ifconfig l2tp1 create
    # ifconfig l2tp1 session 200 200
    # ifconfig l2tp1 session 300 300
    panic: kernel diagnostic assertion "new->ple_next == NULL" failed: file "/disk4/home/k-nakahara/repos/netbsd-src/sys/sys/pslist.h", line 118
    ====================

Pointed out by s-yamaguchi@IIJ, thanks.

XXX need pullup-8

(knakahara)

Always mask the 16 bits of the segregs in the trapframe. We don't zero-
extend the uint64_t's when building it, so we're leaking 48 bits of kernel
stack to userland.

Having said that, it appears that I unintentionally fixed most of this
issue in locore.S::rev1.127 - by building the frame with interrupts
disabled, we are implicitly guaranteeing that the structure doesn't get
overwritten by the kernel. Which means, we are leaking to userland data
that comes from userland anyway.

(still other places with this issue, but I'll fix them differently)

(maxv)

Make sure we don't go farther with 32bit LWPs. There appears to be some
confusion in the code - in part introduced by myself -, and clearly this
place is not supposed to handle 32bit LWPs.

Right now we're returning EINVAL, but verily we would need to redirect
these calls to their netbsd32 counterparts.

(maxv)

fix vlan panic when vlan is re-configured without destroy.

E.g. the following operation causes this panic.
    ====================
    # ifconfig vlan0 create
    # ifconfig vlan0 vlan 1 vlanif ixg3
    # ifconfig vlan1 create
    # ifconfig vlan1 vlan 1 vlanif ixg2
    # ifconfig vlan1 -vlanif
    # ifconfig vlan1 vlan 1 vlanif ixg2

    panic: kernel diagnostic assertion "new->ple_next == NULL" failed: file "/git/netbsd-src/sys/sys/pslist.h", line 118
    ====================

Pointed out and tested by msaitoh@n.o, fixed by s-yamaguchi@IIJ, thanks.

XXX need pullup-8

(knakahara)

Add the following bits in AMD Fn8000000a %edx features (SVM features):
PFThreshold (PAUSE filter threshold)
AVIC (AMD virtual interrupt controller)
V_VMSAVE_VMLOAD (virtualized VMSAVE and VMLOAD)
vGIF (virtualized GIF)

(msaitoh)

Fix a bug that the TPH ST table is decoded even if it's not in the TPH
Requester extended capability structure.

(msaitoh)

Fix RCSIds

(skrll)

KASSERT -> KASSERTMSG and while I'm here update a comment

(skrll)

external/lgpl3/gmp build fail in configure phase with "ln -s J /etc/malloc.conf".

patch from pkgsrc/devel/gmp
  http://mail-index.netbsd.org/pkgsrc-changes/2017/06/15/msg158404.html

(nonaka)

Update from Intel SDM:
0x55: Xeon Scalable (Skylake)
0x57: Xeon Phi [357]200 (Knights Landing)
0x66: Future Core (Cannon Lake)
0x85: Future Xeon Phi (Knights Mill)

(msaitoh)

Re-factor the code that extracts status from exited jobs, avoiding
code duplication, and reducing the size of /bin/sh by a trivial amount.

NFCI.

This is being done now as there are two other changes forthcoming, both
of which benefit - one would result in even more code duplication without
this, the other might need to alter how this is done, and doing it after this
means there's just one place to change (if required).

(kre)

Turn on D_MPSAFE flag of bpf_cdevsw that is already MP-safe

Pointed out by k-goda@IIJ

(ozaki-r)

Remove unnecessary Tn.

(wiz)

If a branch is already there, use it and don't create a new one. This way
we can call mm_map_tree twice with neighboring regions.

(maxv)

Group the sections into segments, and align to KERNALIGN only between
segments. Prerequisite for other changes. Unfortunately the code is not
very compact, but whatever.

(maxv)

Match BUFFALO CEWL-1 (Sony UWA-BR100 WLAN)

(jmcneill)

regen

(jmcneill)

Add Sony UWA-BR100 WLAN adapter

(jmcneill)

do what freebsd does:
- when disabling an interrupt, disable it on the HT PIC as well
- when establishing an interrupt, don't enable it right away
- program IRQs 0-3 as level, like freebsd does
Now svwsata is almost usable. We still get an interrupt storm but it doesn't
eat up all CPU cycles anymore.

(macallan)

Protect ec_multi* with mutex like other MP safe Ethernet drivers.
See if_ether.h rev. 1.66 and related stuff:
http://mail-index.netbsd.org/source-changes/2016/12/28/msg080289.html

(msaitoh)

I have seen (way too often) uses of test(1) that are not defined to
actually work (but just happen to, today, and in some cases, even
that trusts to some luck.)

It has been recently pointed out to me that the man page (ie: this
file) doesn't give any real guidance to what is really acceptable,
and what is not.

The CAVEATS section does note that the grammar is ambiguous, but then
just says that test(1) implements what POSIX requires, and refers
readers to the relevant section of the POSIX standard for more details.
That is probably asking too much of the average reader...

So, add some extra information in the CAVEATS with what is defined to work,
and what should be avoided.  Not all of the POSIX rules are here, but this
might hopefully help script authors avoid some of the pitfalls.

(kre)

add newlines to the debug messages

(jdolecek)

Add Turbo Boost Max Technology 3.0 bit.

(msaitoh)

Typo: s/processes/process's/ for possession

(pgoyette)

Make SCTP work when IPSEC is also defined.

(rjs)

Move call to sofree() to end of sctp_inpcb_free() and re-aquire
softnet_lock.

Logic copied from in_pcb.c.

(rjs)

reintroduce ATACH_IRQ_WAIT flag for attachments using wdcintr(), only
process the interrupt when the flag is set - this fixes spurious interrupt
during post-reset drive setup in wdc_ata_bio_start(), and wdc_atapi_start()

while those functions set WDCTL_IDS, this seems to be ignored by certain
(maybe all) PCI-IDE controllers; usually the implicit KERNEL_LOCK() would
prevent the interrupt anyway, but not when the start routine is started
from the atabus thread, which doesn't take it

fixes 'panic: wdc_ata_bio_intr: bad state' reported on current-users
by Chavdar Ivanov

(jdolecek)

no need to clear DMA WAIT flag in mvsata_edma_handle(), it's not needed
by atabus layer

(jdolecek)

Fix eva argument to pmap_remove and passed prot bits in flags for
pmap_enter, i.e. fix previous.

(skrll)

Set SPL level to match usage for TCP.

(rjs)

Ticket #1507

(martin)

Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Ticket #1507

(martin)

Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Ticket #1507

(martin)

Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Ticket #1517

(martin)

Remove duplicate assignment, comment doesn't match it anyway.

(rjs)

Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Ticket #1517

(martin)

Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Remove some foreign conditional code. NFC intended.

(rjs)

Ticket #1517

(martin)

Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Ammend #1502

(martin)

Apply patch form mlelstv to fix the build after pullup #1506

(martin)

Wrap pcb list check with #ifdef DEBUG.

(rjs)

Remove function prototype that is no longer required. NFC

(rjs)

Update from the latest Intel SDM:
0x5c: Atom (Goldmont)
0x5f: Atom (Goldmont, Denverton)
0x7a: Atom (Goldmont Plus)

(msaitoh)

Ticket #324

(martin)

Pull up following revision(s) (requested by spz in ticket #324):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from <a  rel="nofollow" href="https://w1.fi/security/2017-1/">https://w1.fi/security/2017-1/</a> :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch        02-Oct-2017 16:19      6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch    02-Oct-2017 16:19      7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch    02-Oct-2017 16:19      6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19      2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19      1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19      4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch    02-Oct-2017 16:19      1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch    02-Oct-2017 16:19      2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
<a  rel="nofollow" href="https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt">https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt</a>
for details)

(martin)

Move %ds and %es into the GDT on 64bit LWPs.

(maxv)

Have the cpu clear PSL_D automatically when entering the kernel via a
syscall. Then, don't clear PSL_D and PSL_AC in the syscall entry point,
they are now both cleared by the cpu (faster). However they still need to
be manually cleared in the interrupt/trap entry points.

(maxv)

Fix buffer length for ipsec_logsastr

(ozaki-r)

Don't setup SPs if no policy sepecifier is specified

We expect that SPs are set up iff some policy sepecifier(s) are specified.

Found on investigating an issue reported by Robert Swindells

(ozaki-r)

fix comment, rdx, not edx

(maxv)

Add support for SMAP on amd64.

PSL_AC is cleared from %rflags in each kernel entry point. In the copy
sections, a copy window is opened and the kernel can touch userland
pages. This window is closed when the kernel is done, either at the end
of the copy sections or in the fault-recover functions.

This implementation is not optimized yet, due to the fact that INTRENTRY
is a macro, and we can't hotpatch macros.

Sent on tech-kern@ a month or two ago, tested on a Kabylake.

(maxv)

Update protocol reverse engineering URL to a working one
only mention it once.

From openbsd by Seth Jackson

(maya)

Check that the host supports GET_SPEED as well as GET_VERSION
before deciding vmt_probe has succeeded.

qemu supports GET_VERSION but not the RPC protocol so the probe succeeds
but the attach fails, resulting in "vmt0: failed to open backdoor RPC
channel (TCLO protocol)".  All known versions of vmware support GET_SPEED
and no known qemu versions do, so this prevents it from attempting to
attach (and failing) on qemu while still working on vmware.

stop checking vmt_type to avoid having to adapt this code.

- Taken from openbsd

(maya)

Explain our implementation choice for implementation-defined values

(maya)

simplify previous.

(christos)

apply patches from upstream, namely from https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch 02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch 02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch 02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch 02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch 02-Oct-2017 16:19 2.7K

for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088

(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)

(spz)

typo: unvalid -> invalid

(jnemeth)

revert; this is section 9 and userland headers are not available in kernel
context.

(christos)

We KASSERT((fregs->vfp_fpexc & VFP_FPEXC_EN) == 0) just before, so
enabled is always false. remove.

(bouyer)

In the REENABLE case, make sur the fpexc copy in the pcb also has
VFP_FPEXC_EN set. Otherwise we could trap on every context switch even if
the CPU already has the VFP state.

(bouyer)

PR port-arm/52603:
There is a race here, as seen on arm with FPU:
LWP L is running but not on CPU, has its FPU state on CPU2 which
has not been released yet, so fpexc still has VFP_FPEXC_EN set in the PCB copy.

LWP L is scheduled on CPU1, CPU1 calls cpu_switchto() for L in mi_switch().
cpu_switchto() will set VFP_FPEXC_EN in the FPU's fpexc register per the
PCB fpexc copy.

Before CPU1 calls pcu_switchpoint() for L, CPU2 calls
pcu_do_op(PCU_CMD_SAVE | PCU_CMD_RELEASE) for L because it still holds its
FPU state and wants to load another lwp. This cause VFP_FPEXC_EN to
be cleared in the PCB copy, but not in CPU1's register. L's l_pcu_cpu is
set to NULL.

When CPU1 calls pcu_switchpoint() for L it see l_pcu_cpu is NULL, and doesn't
call the release callback.

Now CPU1 has its FPU enabled but with the wrong FPU state.

Fix by releasing the PCU even if l_pcu_cpu is NULL.

(bouyer)

Remove Tn.

(wiz)

remove Tn, bump date for previous

(wiz)

Suggest to include the POSIX <endian.h> rather than BSD <sys/endian.h>

(maya)

Add endian.h header.  Simply includes sys/endian.h

<endian.h> has been accepted by the austin group.

(maya)

dedup

(christos)

Treat EOF as a condition to re-open the pcap socket. Since we've been woken
up by poll(2), there must be data to read. If there is not, our socket might
not be ok anymore.

(christos)

Add a message when we are re-opening the pcap socket.

(christos)

- Print ci_feat_val[5] (Structured Extended Feature leaf Fn0000_0007 %ebx) on
  AMD, too.
- Print ci_feat_val[6] (Fn0000_0007 %ecx) on Intel.

(msaitoh)

A part number field of DDR3 and DDR4 is not NUL terminated. All unused chars
are filled by 0x20. Print it correctly.

Before:
spdmem0 at iic0 addr 0x50: 8KTF51264AZ-1G6E1 E1M^@,DPAFEQZ021
spdmem1 at iic0 addr 0x51: ACR256X64D3U1333C9BA^AM^X
spdmem2 at iic0 addr 0x52: KP223C-ELD        BA^BM-~

After:
spdmem0 at iic0 addr 0x50: 8KTF51264AZ-1G6E1
spdmem1 at iic0 addr 0x51: ACR256X64D3U1333C9
spdmem2 at iic0 addr 0x52: KP223C-ELD

(msaitoh)

fix comment - it's WDCTL_IDS which is supposed to disable interrupts

(jdolecek)

Setting AT_BASE on static binaries breaks TLS because they assume that
it is 0, will fix it differently.

(christos)

306

(snj)

Pull up following revision(s) (requested by msaitoh in ticket #306):
sys/dev/pci/if_wm.c: revision 1.539
- Correct NVM word size check in wm_nvm_version() to prevent
  "EERD polling failed" error on attach. if_wm.c rev. 1.534 was not perfect.
  Reported by ozaki-r@.
- Print NVM offset and word count when EERD polling failed.

(snj)

Add copyright and rcs header to the test program.
Also, remove a test case which was not supposed to be there.
(While that test case works with the changes I committed, testing that
test case with the test program is not possible in its current form. I'm
working on that.)

(abhinav)

Add support for escaping special characters when doing filename completion.

For instance if the file name is "foo bar":
$ ls foo<TAB>
should get autocompleted to:
$ ls foo\ bar

Works for similar other characters too, which need escaping.

Also, add an accompanying test program to ensure the escaping is correct
in various scenarios (within quotes, without quotes, with other special characeters)

Thanks to Christos for reviews, help and feedback.

(abhinav)

explicitely ignore polled xfers in wdcintr(), so it won't be processed
twice - seems setting WDSD_IBM actually has no effect at least
on some PCI-IDE, and the interrupt ends up being triggered when we release
the channel lock to call c_poll hook

fixes PR kern/52605, and should also fix the 'New panic in wdc_ata_bio_intr'
reported on current-users@

(jdolecek)

try to re-open the pcap connection on error.

(christos)

move the extra thaw for scheduled ata_reset_channel() to the function itself,
so it's done regardless if the actual reset is run from thread context
or e.g. call with AT_POLL; fixes a hang after xfer failure and dma downgrade

add some debugging printfs, so freeze/thaw issues are easier to track

(jdolecek)

Mmh, don't forget to clear the TLS gdt slots on Xen. Otherwise, when doing
a lwp32->lwp64 context switch, the new lwp can use the slots to reconstruct
the address of the previous lwp's TLS space (and defeat ASLR?).

(maxv)

Use two separate functions: cpu_segregs32_zero and cpu_segregs64_zero. The
way segment registers work on amd64 will diverge between 32bit and 64bit
LWPs.

(maxv)

Fix typo: s/one or mode/one or more/

(pgoyette)

Remove this #undef on native amd64, but keep it on Xen.

(maxv)

Make sure the 32bit LWPs don't have MDL_IRET set. That's not a problem
right now, but will be in the future.

(maxv)

Add setds and setes, will be useful in the future.

(maxv)

revert the logic for wdc_wait_for_unbusy() in wdc_ata_bio_intr() to pre-NCQ,
wdcintr() and wdctimeout() need that; follows same change
in atapi_wdc.c rev. 1.128

(jdolecek)

Add setusergs on Xen, and simplify.

(maxv)

Simplify array initialisation

(skrll)

Descend the page tree from L4 to L1, instead of allocating a separate
branch and linking it at the end. This way we don't need to allocate VA
from the (tiny) prekern map.

(maxv)

Update current version of mandoc to 1.14.3

(abhinav)

Defer initialization of pf_status.host_id

The call to cprng_fast32() requires that per-cpu data has been initialized
by corng_fast_init(), which doesn't get called until after the first part
of auto-configuration is done, long after pfattach() calls cprng_fast32().

Fixed PR kern/52620

XXX This needs pull-up to the -8 branch.

(pgoyette)

Nit-picking: avoid split infinitive

(pgoyette)

reorder to avoid null deref before null test

(maya)

rc(8): more foo.sh clarification

- Use "inline.sh" instead of "foo.sh".
- Clarify that "inline.sh" scripts will terminate the boot if
  the script causes trhe current shell process to terminate.
- Use "service" instead of "bar.
- Use "sub-shell" instead of "subshell".

Inspired by feedback from kre@

(lukem)

PR/52618: Shinichi Doyashiki: Don't exit if adding interface to multicast
group fails. This happens with empty vlan interfaces

- make syscalls checks against -1
- fix errors to print %s: instead of <%s>

XXX: if_vlan is the only pseudo interface in net/ that returns such an
error..

(christos)

add test case for new format 'f' and 'F'

(ryo)

doesn't work new format 'F' with a strings of length 1, or a string beginning with 'F'

(ryo)

Fix a comment

(skrll)

do not use the NCQ priority by default; seems it negatively affects
performance at least with some drives, so this needs better understood first

(jdolecek)

only call drive reset with AT_POLL when the command itself was
polled, so that the logic for AT_POLL matches how e.g. ata_dmaerr() is
called; this was the original intent of the change in 1.428.2.25,
to make the error handling safe wrt. polled xfers

this is stopgap fix for ATA channel wedge after DMA error, as reported
by Martin Husemann in PR kern/52606, and PR kern/52605

problem happened due to ata_reset_channel() being called once in ata_dmaerr()
with flags == 0, which freezed channel and set flag to reset via thread,
then ata_reset_channel() was called via wdc_drive_reset() with AT_POLL, which
just executed the reset and cleared the flag, without clearing the extra
freeze; that logic will be refactored in separate commit

(jdolecek)

Add TC-USB.

(flxd)