Stop mashing together ps_flags ans p_flag. This fine when we did the
initial "struct process" / "struct proc" split, but we added more flags
and they collide now. This is incredible confusing and needs to die.
Instead make some readjustments to the ddb default "ps" output and print
them both separately.
ok claudio@, jca@
Unhook loongson from the build.
The last compiler update unfortunately does not work on mips64el, with clang 22
built with clang 19 being apparently functional, but clang 22 rebuilt with
the previous clang 22 hitting deterministic SIGSEGV on various files.
I don't have the time and energy to try and debug this (which is likely an
endianness problem, as octeon appears to run happily with clang 22), especially
when it takes 10 days for clang to rebuild itself on these machines; and
switching back to gcc 4 won't help much as modern software in ports will
require a working C++>=11 compiler to build anyway.
ok visa@
----------
/ \
/ REST \
/ IN \
/ PEACE \
[10 lines not shown]
Do not make the size of the cmmu table public, and comment out some code at
compile time if we are building on a simple CMMU configuration, such as on
luna88k.
Tested by and ok aoyoma@
Declare the cmmu-related variables as const, rather than
attribute(section(.rodata)), and initialize them (while MMU is not set up)
using explicit casts.
This gets rid of "ignoring changed section attributes" harmless assembler
warnings.
Joint work with aoyama@; tested by and ok aoyama@
With the previous fix to m8820x_initialize_cpu()
[sys/arch/m88k/m88k/m88k_machdep.c r1.66], we no longer force
single-processor kernels to nevertheless override MAX_CPU, and remove the
ability to override it in <machine/cpu.h>.
Tested by and ok aoyama@
Make sure m8820x_initialize_cpu() initializes logical cpu #0 on non-MP kernels.
This is usually the case, but some luna88k setups could have the running cpu at
a physical position different from zero, causing some of the actual cpu_info
initialization to be done in the wrong array element.
Tested by and ok aoyama@
Make sure replies contain the expected server-id.
We only speak to and expect an answer from a specific server when we
are requesting or renewing a lease. In all other case we accept an
answer from any server.
Pointed out by Clouditera Security.
OK tb
Check that the server selected ciphersuite is valid for use with TLSv1.2.
In the legacy stack, ensure that the server selected ciphersuite is valid
for use with TLSv1.2 - this effectively means that it is not a TLSv1.3
ciphersuite. We currently fail the handshake, but at a later stage.
Reported by Tom Gouville from the tlspuffin team.
ok tb@
Remove check for use of TLSv1.2 ciphersuites with TLSv1.1 and earlier.
We no longer negotiate any TLS version lower than TLSv1.2, so this is now
redundant.
ok tb@
Replace SHA-256 and SHA-512 implementations in libc.
Replace the existing SHA-256 and SHA-512 implementations in libc with
versions that leverage some of the recent code in libcrypto. The existing
API is retained, along with reuse of the existing SHA2_CTX definitions.
These versions use static inline functions instead of macros and spell
out the full variable rotations to follow the specification, rather than
trying to outsmart the compiler.
This also gives us a basis to provide per-architecture accelerated
implementations, based on those in libcrypto.
ok naddy@ tb@
Add modal panes, created currently with new-pane -O. There is one modal
pane per window and it must be a floating pane. These are intended to
replace popups. Currently a modal pane will unzoom a zoomed window and
rezoom it when it is closed (a bit like modes do), but this is planned
to change when we get an always-on-top flag.
rework the force_update logic in the adj-rib-out
On initial connect the system needs to sync the adj-rib-out of a peer with
the Loc-RIB. This happens via peer_dump() and in this case the system
needs to push out all updates (but can drop any withdraw).
To do this a force_update flag was introduced but actually it is better to
use the mode argument and introduce EVAL_SYNC for this case.
If mode == EVAL_SYNC adjout_prefix_update needs to force the update and
adjout_prefix_withdraw can drop the withdraw.
The other user of peer_dump() is during config reloads where the RIB of a
peer is altered. In that case the adj-rib-out is first flushed. Because of
this flush peer_dump can be used to push out all updates.
This also removes the NOTYET block in peer_generate_update() and
replaces it with inside up_generate_addpath_all() with a call
up_generate_addpath().
OK tb@
cnmac: Fix packet corruption with veb(4)
Account for VLAN header when setting IP packet offset for TCP/UDP
checksum offload on transmit. Otherwise cnmac(4) can corrupt packets
that are sent through veb(4).
Initial patch from Sergii Rudchenko.
ether_extract_headers() usage added by me.
OK kirill@