tests/usr.sbin/inetd/t_accept_max: Handle SIGKRE.
Fix some cleanup issues and simplify according to most of kre's
suggestions. Mostly this fixes the kill-background-jobs-on-trap
logic by not trying to kill the nonexistent %0, and killing each job
individually so `kill' doesn't stop early if one doesn't exist.
I'm keeping the idiom `: >foo' and `: <foo' because I think it's a
little clearer than a bare `>foo' or `<foo', and I'm keeping the -e
and -u on shell scripts (except the one-liners) because I want to get
early feedback as much as possible about unexpected failure modes --
even if it counterintuitively elides some feedback.
(I also generally use -o pipefail out of habit for the same reason
but I'll acquiesce to removing it here in a short script where there
are definitely no pipes.)
PR bin/59645: inetd `rate-limiting' algorithm is stupid
libarchive: Fix cpio(1) tests.
1. When dropping privileges, setegid to the _gid_ of user `nobody',
not to the _uid_ of user `nobody'.
2. In the test, grant that user access to the atf test working
directory so it can execute the `bsdcpio' symlink we create in
order to get argv[0] set appropriately for the error messages that
the test checks for.
PR bin/60353: cpio(1): tests are failing to run at all
wg(4): Drop KASSERT on result of crypto_scalarmult.
The result of this check is not relevant to security of the protocol,
either for static peer identity keys or for ephemeral handshake keys.
See comments for details.
We can't simply write
(void)crypto_scalarmult(...);
because the function was tagged with warn_unused_result. And
apparently libsodium may leave the output uninitialized if the check
fails. So just yield zero instead of stack garbage / UB -- stack
garbage is probably actually fine since it is immediately hashed into
something that won't match anything so downstream logic will just drop
it, but UB might invite nefarious compilers to cause trouble.
PR security/60106: wg(4) should properly handle invalid or insecure
ephemeral Curve25119 public keys
wg(4): Add a test case for too many allowed IP address ranges.
PR kern/60232: kernel panic when adding a wireguard peer with too
many allowed IP addresses
wg(4): Add test case for bad ephemeral handshake public keys.
wg(4) should not crash on an assertion if they appear on the network;
it should just gracefully drop them as forgeries, if a MITM attempted
to send them without knowledge of a peer's public key, or accept
them, if a peer legitimately sent them, since that peer could just as
well simply forward the plaintext of the session on to the NSA.
PR kern/60106: wg(4) should properly handle invalid or insecure
ephemeral Curve25119 public keys
wg(4): Add test case for bad peer public keys.
wg(4) should not crash on an assertion if they are used -- it should
just gracefully accept them, with degraded security, since a peer
that maliciously provides an invalid public key is no worse than a
peer that voluntarily exposes all its plaintext anyway.
PR kern/60106: wg(4) should properly handle invalid or insecure
ephemeral Curve25119 public keys
Break out and expand FDT property parsing for awge(4) FDT attachment
frontends
This uses the device tree's possible burst length bus interface settings,
and improves performance on, for instance, Rockchip RK3399
PR 60334: fix two bugs:
- confusion between part_usage_info::flags and ::cur_flags leading
to not matching partitions properly when renumbering them after
deletion
- off by one corrupting memory when deleting a partition
Conditionalize some messages so they are not compiled in when
architectures do not need it.
- a few clearly GPT related strings conditional on NO_GPT
- the base32/compat32 related message for PR 60224 and PR 60133
conditional on a new flag HAVE_DVD_IMAGE
Fix day of week calculcation in strptime().
The bug was that the calculation used the raw year value without
adding the 1900 offset.
While here, switch to the current Wikipedia version of Gauss' algorithm,
like FreeBSD did, and simplify a loop, like FreeBSD did.
Fix PCI Express issues on Sam460ex.
- Mapping memory region for DMA through bus_dma framework with coherency
requested now causes the region to be uncached for 440 cores.
- DMA inbound window mapping
- Avoid configuration cycles that stall the bus
- Board-specific interrupt mapping
Now mpt in PCI Express x4 slot does around 100MB/s to a spinning rust
hard drive and is stable.
