there is no assign command

(mbalmer)

More markup, typo fixes, update date and NetBSD version for import.

(wiz)

fold long line in a readable way; pass nil as query table if reading form data fails

(mbalmer)

better approach to NUL terminate strings

(mbalmer)

plug a memory leak

(mbalmer)

zero allocated memory buffers

(mbalmer)

Fix memset size argument, found by coverity.

(martin)

Readd myself.

(elad)

Use "%s" to panic.

(alnsn)

Add TABSIZE, which is derived from terminfo init_tabs.
Use this when processing \t.
If TABSIZE is set in the environment, this takes precedence.

(roy)

luactl(8) is a command to control lua(4)

(mbalmer)

core module for lua(4)

(mbalmer)

welcome lua(4), a devide driver that can create and control Lua states inside the kernel

(mbalmer)

header file needed for lua(4)

(mbalmer)

use __USE()

(christos)

introduce __USE(variable) that uses a variable to squash unused variable
warnings.

(christos)

fix incorrect variable use.
remove unused variable

(christos)

remove unused variable

(christos)

remove unused variables.

(christos)

use variables that are only used in debugging.

(christos)

move debugging code inside debugging ifdef.

(christos)

remove unused

(christos)

move all the unused stuff to ifdef notyet

(christos)

add missing ifdefs

(christos)

- use proper types (uint16_t instead of uint32_t)
- don't index past the end of arrays
- use __arraycount() consistently instead of manual cruft.
- remove useless cast

(christos)

print a warning if we failed.

(christos)

remove unused variable

(christos)

remove unused variable

(christos)

skip comment lines on password and group databases (Brooks Davis)

(christos)

Default a bare "." with no type to F_DIR. For FreeBSD compatibility (Brooks
Davis)

(christos)

Restore old behavior of not printing sizes for directories, since it varies
depending on filesystem implementation. (Brooks Davis)

(christos)

Add missing i810_dri.c file to SRCS.
PR xsrc/48315.

(martin)

silence is golden

(christos)

Define WA_NORMAL

(roy)

Also depend on LIBLUA, and add -lm to allow static linking.

(he)

Apply patch from PR/48310 - kue(4) cannot receive multicast packets.

(skrll)

Hook complex operation support into libm when not using libgcc.

(joerg)

Note that delwin(3) is a null-op if win is NULL.

(roy)

Add devices:
  ISA soundblaster (#sb* at isapnp? tested on PC164LX)
  Broadcom 570x ethernet (supported cards in DS20L, etc.)
  ALI M7101 SMBus controller (found in DS20L)
  (commented out) LM81/LM87 enviromental monitoring (found in DS20L)

(jdc)

Add sysmon (required for the envsys framework).

(jdc)

Add lmenv.4 to the manual page makefile and to the set list.

(jdc)

Add manual page for the LM81, LM87, and compatible iic hardware monitors
(lmenv).

(jdc)

Add lmenv to the configuration framework.

(jdc)

Add a driver for the LM81, LM87, and compatible iic hardware monitors
(lmenv).  Ported from OpenBSD's lm87.c, revision 1.20.

(jdc)

More dotg(4) removal.

(skrll)

Remove dotg(4) as it's been replaced by dwctwo(4).

(skrll)

Basic man page for dwctwo.

(skrll)

s/with resolution/with a resolution/

Noticed by mbalmer@.

(rkujawa)

Update man page to reflect latest changes (added sysctl knobs for temperature
limit and hysteresis).

(rkujawa)

Add forgotten register definitions for previous commit.

(rkujawa)

Add sysctl knobs to set temperature limit and hysteresis. Reaching the limit
causes alert line of the chip to be asserted. These limits could be tied to
critical limit set in envsys, but it's more versatile to keep it as separate
value.

(rkujawa)

Instead of turning off the 8th bit on resume, turn it on, as it is on by
default. Problem reported by atatat@ when suspending vi and resuming loses
the ability to use the alt key.

(christos)

Update firmware from today 2013-10-15. Requested in PR/48288.

(skrll)

Adjust needed includes for fchmodat/mkdirat/mkfifoat/mknodat/fstatat
syscalls.

(njoly)

Add information about user settable resolution via sysctl.

(rkujawa)

Simplify sysctl handling.

(rkujawa)

Clean up register read and write functions, add functions for 8-bit read and
write (needed to access config register). Add sysctl knob to set resolution
from user space.

(rkujawa)

Switch to dwctwo(4) from dotg(4) for the RaspberryPi port.  This brings
DMA support and (initial) isoc transfer support.

Remove URTWN_DOTG_WORKAROUND as dwctwo doesn't appear to need it.

(skrll)

Make this compile for more option combinations.

(skrll)

Translate ENODEV to USBD_INVAL

(skrll)

Small cleanup

(skrll)

Run ../bfd/configure under ${CONFIG_SHELL}, not under
the /bin/sh that happens to be mentioned in its "#!" line.

(apb)

If the shell does not support the $LINENO variable, then use
"bfd_configure.lineno" instead of "configure.lineno" as the name of the
a version of the script that has had all uses of $LINENO converted to
literal line numbers.

Now building tools via "MKCROSSGDB=yes build.sh tools" works again, even
if the shell does not support $LINENO.

The previous problem was caused by an interaction
between the way .../gdb/dist/opcodes/configure executes
"${srcdir}/../bfd/configure --version", and the way both configure
scripts tried to create and then execute configure.lineno scripts.
Both configure.lineno scripts were created in the same OBJDIR,
with the configure.lineno from .../bfd/configure overwriting the
configure.lineno from .../opcodes/configure, while the latter was
still running.

(apb)

No David, '\?' is not the del character.  Broken in rev 1.21.
XXX pullup-5, pullup-6.

(bad)

Update LLVM/Clang snapshot to r192615, which defaults to libc++ and the
unwinder in libc on x86.

(joerg)

Handle an error from uhidev_get_report in ucycom_get_cfg

(skrll)

Fix size parameter to memset. Found by gcc 4.8.

(skrll)

Rename USE_LIBGCC to HAVE_LIBGCC and retry using it as flag on unwind.h.

(joerg)

Check whether we have an FPU regardless of FPU_EMULATE option.
It prevents a kernel panic when we don't have an FPU and FPU_EMULATE
option is not set.
Thanks tsutsui@ for advice.

(isaki)

Invert logic to try to fix the !clang case.

(joerg)

Add timer 2 and 3 for Discovery Innovation.

(kiyohara)

Remove some #ifdef ARMADAXP.  We can enable simultaneously both ARMADAXP and
other SoC options.

(kiyohara)

Don't pass -std=c++11 down to configure, it breaks C compiler detection.
Regen configuration.

(joerg)

Update LLVM/Clang snapshot to r192551 for various bug fixes.

(joerg)

Include compiler-rt and libunwind in libc for Clang/x86 builds.

(joerg)

Add a heavily modified version of Apple's libunwind as released under
MIT license in libc++abi. At the moment, only x86 support is tested.

(joerg)

More markup, whitespace.

(wiz)

Add LFS options, both preexisting and UFS-derived. Leave the ones that
are not yet believed to work commented out. Ride previous date bump.

(dholland)

Reorganize the file-system-related options; put options for each fs
type (or group of fs types) in its own subsection and put the
fs-independent options first.

Bump date.

(dholland)

Let's not use uninitialized variables to write to random memory
locations, shall we?

(joerg)

Add a late entry about addition of support for AlphaStation DS15.

(tsutsui)

delete duplicate (and wrong) entry for Thanksgiving Day in Canada

(jnemeth)

Fix another botch of my dumb patch in PR/45990; add missing braces.

The offset of MBR partition 0 was unintentionally set to 2048 even on
small (<=128GB) disks.  Probably we should rethink the threshold,
but anyway sysinst(8) should follow fdisk(8) default.
http://nxr.NetBSD.org/xref/src/sbin/fdisk/fdisk.c?r=1.145#1199
http://cvsweb.NetBSD.org/bsdweb.cgi/src/sbin/fdisk/fdisk.c#rev1.129

The problem is pointed out and analyzed by Simon Nicolussi in PR/48304.

Should be pulled up to all netbsd-6* branches.

(tsutsui)

Fix pasto in previous; pass a correct device_t to config_pending_derc().

(tsutsui)

add u3g

(mbalmer)

Mention httpd(8) Lua support

(mbalmer)

Print the client_id (lwp address) as hex and avoid stack overflow. Use
snprintf while here.

Fixes PR/48287

(skrll)

Ticket #1884.

(jdc)

Ticket #1884.

(jdc)

Ticket #1884.

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2 via patch
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4 via patch
(requested by spz in ticket #1884).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2 via patch
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4 via patch
(requested by spz in ticket #1884).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2 via patch
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4 via patch
(requested by spz in ticket #1884).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

Welcome to 5.2.1_PATCH.

(jdc)

Welcome to 5.1.3_PATCH.

(jdc)

Catch up to recent changes in config_pending_{incr,decr}().

(riz)

make the driver able to send scsi commands; now the disks are found.
it was converted incorrectly to device_t.

(christos)

Sort.  More markup.

(wiz)

adjust for recent deferred changes.

(christos)

Ticket #966.

(jdc)

Ticket #966.

(jdc)

Ticket #966.

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4
(requested by spz in ticket #966).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4
(requested by spz in ticket #966).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

Pull up revisions:
  xsrc/external/mit/xorg-server/dist/dix/dixfonts.c revision 1.2
  xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c revision 1.4
(requested by spz in ticket #966).

Fix CVE-2013-4396 using a patch from:

--- snip ---
>From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>

(jdc)

zeroize the rest of the comparable struct before adding it to the rb tree

(kefren)

Welcome to 6.1.2_PATCH.

(jdc)

Welcome to 6.0.3_PATCH.

(jdc)

no need to check free() arguments against NULL

(mbalmer)

more tests

(christos)

it's Lua, not lua

(mbalmer)

add Lua scripting support to bozohttpd, see httpd(8) for details

(mbalmer)

- add 64 bit fifo support
- handle fibrilation better

(christos)

Pass the device name in, so we can debug what deferred drivers did not work.

(christos)

provide a better printf for the panic message

(christos)

add new t_tcp test

(christos)

new test to check if non-blocking sockets are reset to blocking on the
accepted file descriptor.

(christos)

llib-lctf.ln is dtrace specific.

(njoly)

remove trailing whitespace

(mbalmer)

Rework previous (1.24) change.  Rather than depending on the
file's flags to decide if decompress cleanup is needed, just
check to see if the open() allocated the 'struct sd *' used for
decompression.

This fixes recent problem where presence of a "load=ffs" command
in my /boot.cfg resulted in a "heap full" error at boot time.

OK martin@

(pgoyette)

FATANH(-0) is -0, not +0.
This bug was introduced by the mistake of my test program.
Last week, I talked about the probelm (my FATANH(-0) returns +0 ?)
by NetBSD seminar at Open Source Conference 2013 Hiroshima,
and tsutsui@ confirmed that returns -0.

(isaki)

remove garbage lines mistakenly included when def.mk generation.

(nisimura)

make this work on linux

(christos)

fix missing files

(christos)

remove dup info

(christos)

Use MACHINE_CPU for m68k.  Use similar logic for both tests.

(matt)

delete extra m_len initialization.

(christos)

- initialize m_len m_pkthgr.len to 0 in constructors, as discussed in tech-net.
- s/MGET/m_get
- s/0/NULL

(christos)

PR/48292: Justin Cormack: paccept creates sockets that cannot be made blocking
Reset the socket flags not just the file flags for non-blocking I/O.
XXX: pullup 6

(christos)

support WSDISPLAYIO_GET_FBINFO

(macallan)

support WSDISPLAYIO_GET_FBINFO

(macallan)

support WSDISPLAYIO_GET_FBINFO

(macallan)

some cleanup:
- use macros to shorten a while lot of bus_space_write_4() lines
- update some comments
- remove debug goop and cargo culted leftovers

(macallan)

Follow OpenGroup online specification[1], move
fchmodat/mkdirat/mkfifoat/mknodat prototypes to <sys.stat.h>.

[1] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_stat.h.html

(njoly)

add hardware acceleration
For now this supports only GeForce2 MX cards but most NV1x chips should work
once their PCI iDs are added to gffb_match()
Tested only on macppc.

(macallan)

Fix CVE-2013-4396 using a patch from:

--- snip ---
From a4d9bf1259ad28f54b6d59a480b2009cc89ca623 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 16 Sep 2013 21:47:16 -0700
Subject: [PATCH] Avoid use-after-free in dix/dixfonts.c: doImageText()

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

Reported-by: Pedro Ribeiro <pedrib@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
--- snip ---

the patch is shifted but otherwise applies. mrg@ to test (thanks)

(spz)

MGET -> m_get

(christos)

0 -> NULL
MGET -> m_get
No functional change.

(christos)

Improve tests so that they check the sockaddr's returned by accept(2) and
getsockname(2). Test for accept success after closed client socket.

(christos)

Centralize the sockaddr_un allocation code. Set sun_len appropriately so
that the address length returned is correct, not always 106. Note that
we do things slightly differently than linux and explain why. Unit-tests
to come.

(christos)

- Instead of having accept(2) return a zero-filled sockaddr for the case
  where accept(2) was called on a unix socket that called connect(2) and
  then close(2), before the connection was accepted, return the empty
  sockaddr_un.
- Fix the length of the empty sockaddr_un socket so that it reflects reality.

(christos)

POSIX says getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN,,) needs to work.

(seanb)

Note that sysalign checks for dev_t/time_t alignment too.

(njoly)

PR/47591: Michael Plass: If the unix socket is closed before accept,
unp->unp_conn will be NULL in PRU_ACCEPT, as called from
sys_accept->so_accept. This will cause the usrreq to return with
no error, leaving the mbuf gotten from m_get() with an uninitialized
length, containing junk from a previous call. Initialize m_len to
be 0 to handle this case. This is yet another reason why Beverly's
idea of setting m_len = 0 in m_get() makes a lot of sense. Arguably
this could be an error, since the data we return now has 0 family
and length.

(christos)

Drop trailing whitespace.

(jakllsch)

Use the universal pciide_detach() for detach function of all remaining
pciide-core drivers, except pciide at pnpbios which isn't actually PCI.

(jakllsch)

Remove unused structure.

(jakllsch)

iMX233/OLinuXino changes from Petri Laskso.
See http://mail-index.netbsd.org/port-arm/2013/10/07/msg002042.html

(matt)

fix the rest of the lint warnings [pass 1]

(christos)

Belatedly note root on RAIDframe support for sandpoint.

(jdc)

Use uint32_t, not u_int32_t; makes this file standalone like it ought
to be. PR 45693.

(dholland)

Remove stray KERNEL_UNLOCK_ONE() in error path of lfs_markv().
From Wolfgang Stukenbrock in PR 44370.

This error path is only reachable if lfs_markv is handed an out of
range inode number, so it's unlikely that it gets tickled very often.

It isn't clear to me that we need the kernel lock in here at all, as
the path to lfs_markv that's actually used at this point (via fcntl)
doesn't take it. But, one thing at a time.

(dholland)

english usage patrol

(dholland)

Update SYNOPSIS; PR 48080. Bump date.

(dholland)