partially revert previous to return to 64-byte submission queue
entries by default, only applying 128-byte entries on APPLE_NVME3
(T2) where we know it's needed
the previous change broke APPLE_NVME2 which advertises 128 bytes but
needs 64
ok dlg
Yet another AI assisted report has triggered on the belief that
kill(2) against 0 (for pgrp) should not be permitted by pledge "proc".
Nothing validates this premise. Blocking process group kills would
break substantial amounts of software in dangeous ways, as it creates
fragile invarient conditions. We previously tried to block this belief
with kern_pledge.c:1.357 by subtly adding "/pgrp" in a comment, but that
was not effective so try adding "kill(2) may still operate on the
process group with pid 0." to the manual page. This is annoying
because the pledge manual page usually describes what is blocked
(resulting in process killing) rather than specifically listing
what allowed.
Discussed with Ivan Arce
sys: check vnode identity after vget
Several vnode lookup paths keep a vnode pointer from a filesystem hash,
node tree, or alias list, then call vget() after dropping or lacking the
lookup side protection. If the vnode is recycled while vget() waits, the
pointer can still name a valid struct vnode, but no longer the object
found by the lookup.
Record v_id before vget() and retry the lookup if the id changes after
the vnode is locked. This matches the existing namecache pattern and
turns stale vnode hits into lookup retries instead of returning the
wrong object.
OK: claudio@
ssherr-libcrypto: avoid use of deprecated ERR_load_crypto_strings()
Follow regress and use unchecked OPENSSL_init_crypto() because
ERR_load_crypto_strings() has been deprecated in OpenSSL 1.1.0.
This call can in principle fail, in which case there's a fallback
to generic error strings.
There is still use of OpenSSL 3.x-deprecated API in here. That's
a problem for someone else to solve.
ok djm
change Venezuelan Bolivar ISO 4217 code from VEF to VES
VES was used for the 2018 redenomination. VED was used as part of the 2021
redenomination process. VES remains the official code after the 2021
redenomination according to ISO 4217 amendment number 170.
set FD_CLOEXEC on the fds between sftp and its ssh process,
avoids risk of subcommands that write on odd fds breaking the
connection. GHPR693 from Manuel Einfalt;
feedback deraadt@ ok dtucker@
check key and IV length received in privsep state transfer
exactly match the expected sizes for the selected cipher;
partially redundant to similar checks in cipher_init(), but
nice to be more exact.
GHPR from jmestwa-coder; ok dtucker@
Use pre-allocated extent region descriptors to prevent bus_dmamap_load(9)
failures on a dmamap that was created with the BUS_DMA_ALLOCNOW flag.
ok chris@, hshoexer@
Limit hyperlink URIs to 1024 bytes which seems enough and allows us not
to have to worry about gigantic URIs in styles, part of a change from
Moritz Angermann.
Declare immutable `msginfo' structure as const. Also, `msginfo' is local
to kern/sysv_msg.c, so remove declaration from sys/msg.h. This
declaration is not exposed to the userland. usr.bin/ipcs/ipcs.c has
"#define _KERNEL" before include SysV headers, but doesn't touch
`msginfo'.
ok deraadt
fix ineffective max file size check when loading blobs/keys from
files and add another one on a patch that was not covered by the
existing ones. From Tess Gauthier via bz3969 and bz3970
