Disable kbind() and pinsyscalls() for static binaries at the correct
time, which is inside exec_elf_makecmds(). Amusingly, it looks like
these protection mechanisms are not needed because other process state
protects against kbind use since we completed the switch to static pie.
Also any priviledged static binary (which we ship, setuid or daemon) is
not going to contain a pinsyscall or kbind slot in the loaded pinsyscalls
table, so they cannot perform those. Only synthetic binaries with their
own pinsyscalls table could play, but of course they won't run with
priviledge..
from Andrew Griffiths at Calif
ok kettenis, andrew also approves of this approach
But the NVMe controller integrated on Apple silicon (M1, M2, etc.)
advertises support for 128-byte submission queue entries but only works
with 64-byte entries. So let aplns(4) override the size.
ok jcs@
Update clzdi2.c to pull in the following commit neede because of a change
in clang brought in with the llvm 22 update:
commit 5d0e26e571c08dc4c0b2a25ed6c9f845f054fa76
Author: Koakuma <koachan at protonmail.com>
Date: Tue Apr 29 07:36:32 2025 +0700
[compiler-rt] Make sure __clzdi2 doesn't call itself recursively on sparc64 (#136737)
On 64-bit platforms, libgcc doesn't ship with __clzsi2, so __builtin_clz
gets lowered to __clzdi2. A check already exists for GCC, but as of
commit 8210ca019839fc5430b3a95d7caf5c829df3232a clang also lowers
__builtin_clz to __clzdi2 on sparc64.
Update the check so that building __clzdi2 with clang/sparc64 also
works.
ok tb@, deraadt@
Unbreak and update powerpc retguard for llvm 22
For RETGUARD_LOAD_COOKIE when -fno-pie (as in macppc kernels), change
a relocation in -fno-pie (as in macppc kernels) from unusual S_HIGHA
"__retguard_3671 at higha" to usual S_HA "__retguard_3671 at ha". This
prevents an error from lld 22,
ld: error: rasops15.o:(function rasops15_init: .text+0x2): unknown \
relocation (111) against symbol __retguard_3671
For RETGUARD_LOAD_PC in PIC code, change an instruction from 'bl .+4'
to 'bcl 20,31,.+4' to fix branch prediction. This follows the same
change in upstream llvm,
https://github.com/llvm/llvm-project/issues/128644
ok jca@ naddy@
Add support for 40MHz channels to qwx.
Also fix setting of 11n phy parameters during the association flow.
The NODE_HT flag isn't set yet when qwx_assoc() runs. We need to apply
11n-related peer parameters in qwx_run().
Tested by phessler@ and myself.
ok mlarkin@ phessler@
Handle country code events sent by qwx firmware.
Seems to fix the issues where association was unreliable.
Tested by phessler@, robert@, and myself.
ok mlarkin@ phessler@
