Disable the pcie5 port in the t14s device tree. I believe this port is
used for the LTE modem on models that include that option. But accessing
this port on models without triggers a reset of the machine because the
firmware didn't set up that port for us.
tested by deraadt@
Improve checking of ELF notes. This adds checks for overflow when rounding
sizes up to be a multiple of the ELF word size and adds checks to prevent
out of bounds access.
Based on a report and diff from Andrew Griffiths.
ok jsg@, deraadt@
Default 'announce as-4byte' to 'enforce' for all peers
After close to 20 years of 4-byte AS support in bgpd it is time to enforce
it. The fall back code from 2-byte AS to 4-byte AS is non-trivial and
the RFC is way to optimistic and ignores many possible error conditions.
All relevant BGP implementations support 4-byte ASnums so it is a
misconfiguration to not use this by default. Most implementations do this
by default.
In the unlikely cases where 2-byte AS support is still needed one can
fall back to the previous default by using 'announce as-4byte yes'.
OK tb@ job@
Reimplement aspath_merge() in a more cynical fashion
Mergin AS4_PATH into ASPATH can be done a bit simpler by using the fact
that AS4_PATH must be a subset of ASPATH. The resulting path has the same
size and layout as the ASPATH. bgpd inflates the 2-byte ASPATH to 4-byte
representation early on so this simplifies the merge.
When mering the path be strict and any difference in the two paths triggers
a treat-as-withdraw error. Something is off so refuse to work with this path.
This is harsher than RFC 6793 but the concerns then no longer matter.
Use ibuf for all the buffers to have memory safety during this merge operation.
OK tb@