Add support for 40MHz channels to qwx.
Also fix setting of 11n phy parameters during the association flow.
The NODE_HT flag isn't set yet when qwx_assoc() runs. We need to apply
11n-related peer parameters in qwx_run().
Tested by phessler@ and myself.
ok mlarkin@ phessler@
Handle country code events sent by qwx firmware.
Seems to fix the issues where association was unreliable.
Tested by phessler@, robert@, and myself.
ok mlarkin@ phessler@
acme-client: use _get0_ instead of _getm_ for const correctness
The revokeproc doesn't modify the Validity, so use a const ASN1_TIME and
switch to X509_get0_notBefore()/X509_get0_notAfter().
suggested by job a long time ago
acme-client: fix timegm(3) invocations
Use the tm.tm_wday = -1 sentinel check and switch X509notbefore() and
X509notafter() to use a time_t * output parameter since an in-band error
doesn't work for them for the same reason it doesn't work for timegm(3).
The error check remains against -1 to keep the diff small, but should
perhaps be changed to use a Boolean 0/1 approach.
Of course, with the aggressive push to very short-lived certificates in
the WebPKI, negative epoch times won't happen here in practice.
ok florian
vmd: Unbreak using images supplied with vmctl -b
My previous fix for reused filedescriptors broke using images
supplied with "vmctl -b": In that case, kernfd remained to be set
to -1, thus passing that filedescriptor to the child process failed.
To resolve this, dup vm->vm_kernel right before passing the descriptor
with proc_compose(). This fixes -b and the keeps original fix
working.
In the error path I rely on vm_stop()/vm_remove() closing vm->vm_kernel.
Therefore, remove the redundant close().
ok mlarkin@ deraadt@
Introduce new FDT functions OF_getpropstr() and OF_freepropstr().
OF_getpropstr() is a clone of OF_getprop(), designed for retrieving
strings, and differs as following:
- Do dynamic allocation of the destination buffer using malloc().
- Guarantee a NUL termination of the returned string.
A deraadt@ and kettenis@ collaboration.
ok kettenis@
A privileged guest can program an out-of-layout Virtio 1.x `queue_avail`
address for the `vioscsi` device and then notify the queue. The host-side
`vioscsi` device process dereferences a pointer derived from the unchecked
offset and terminates with `SIGSEGV`.
from Quarkslab
ok hshoexer, mlarkin
A privileged guest can notify an invalid virtio-scsi queue index. The
host-side `vioscsi` device process uses the guest-controlled value as an array
index without a bounds check, interprets adjacent process memory as virtqueue
metadata, and terminates with `SIGSEGV`.
from Quarkslab
ok hshoexer, mlarkin
