BSD Commit Log Search

   Enable nwid scanning by doing two things:

   1. Disable the 802.11d scanning command for now, since it causes a firmware
      error for which we currently have no solution.  This isn't a critical
      feature, and we can progress without it until we find a solution.

   2. Send the HTT software ring setup messages for the receive rings, otherwise
      the firmware never initializes its RXDMA pipeline, and delivers no frames
      to the host.  For that we did port over the
      ath12k_dp_rxdma_ring_sel_config_wcn7850() and ath12k_dp_rx_htt_setup()
      functions from the linux driver.

   Tested and ok kettenis@, kirill@

   expand_domacro() handled a defined() with the wrong argument count via
   an error path that doesn't drain es->args

   OK jsg

   PFI_FLAG_SKIP may be lost when interface disappears and then reappears

   if 'set skip on ...' in pf.conf(5) refers to interface (or interface group)
   which is yet to be created in system, then all is good.

   However if the interface (or interface group) exists in system at the time
   when pf.conf(5) is being loaded to pf(4) the effect of skip flag might get
   lost. The scenario for tap0 interface goes as follows:

   tap0 (and tap interface) exist in system and is known to pf(4), meaning
   'pfctl -sI' reports tap0 and tap.

   pf.conf with 'set skip on tap' is loaded. The pf(4) sets the flag on
   `kif` instance without obtaining a reference to keep it in table
   until skip flag (PFI_FLAG_SKIP) is reset.

   tap0 interface is removed from system (ifconfig tap0 destroy),
   the tap0 is removed from system and also corresponding kif instance
   is removed from pf(4). kif is forgotten together with flag settings. If tap0

    [13 lines not shown]

   pkcs7test: factor main into a helper so we can add some unit tests easily

   Remove the bootcmd hint for now

   On this jupiter box, U-Boot's bootcmd can't be interrupted on the serial
   console by pressing any key, Ctrl+C or ESC, even though the official
   docs say it should be possible by pressing any key.

   sigh

   Better wording and typo fix for the Spacemit K1 boards

   Mention some Spacemit K1 boards that kettenis added support for

   BananaPi F3, Orange Pi RV2, and Milk-V Jupiter

   Add post-install hints for boards without distro_bootcmd (like BPi F3/Jupiter)

   The default bootcmd is useless on these boards, so suggest some simple
   default boot command.

   Document specifics for spacemit K1-based boards

   Orange Pi RV2, BananaPi F3, and Milk-V Jupiter
   Requested by deraadt

   Move hw-specific parts at the end of this file

   sys/octeon: preserve bootloader console baud

   The SRX300 console runs at 9600 baud under U-Boot; OpenBSD forced 115200
   during console handoff, which garbled output immediately after early
   memory setup and made a live kernel look dead.

   Here, I read the programmed UART divisor instead and derive comconsrate
   from it, so the kernel preserves the bootloader console configuration.

   OK: visa@

   sys/octeon: accept linux,phandle for IRQs

   SRX300 firmware DT describes the CIU root and several CIB interrupt
   controllers with linux,phandle, but omits phandle.

   octeon_intr_register() consumed only the latter; the controllers
   therefore never entered the interrupt controller registry, and every
   later interrupt-parent lookup for CIB, AHCI, and xHCI failed.

   Thus, dev/ofw/fdt lookup code already treats phandle and linux,phandle
   as equivalent; so the Octeon interrupt layer should do the same when
   registering interrupt controllers.

   OK: kettenis@, visa@

   vi: fix indent by trailing extra space

   from Walter Alejandro Iglesias

   vi: whitespace fixes

   Zap trailing whitespace, remove spaces before tabs, and expand 8 spaces to
   tabs.

   Prompted by a diff by Walter Alejandro Iglesias

   vi: avoid set but not used warnings

   From Walter Alejandro Iglesias
   ok claudio

   mlkem: use <openssl/mlkem.h> instead of "mlkem.h"

   patch from portable

   Clarify comment on what setting extended types for channels does

   OK djm@

   tls_keypair: add missing <limits.h>

   from bcook kenjiro

   ec_pmeth: fix 20yo comment: *outlen -> *keylen

   drm/i915/psr: Do not use pipe_src as borders for SU area

   From Jouni Hogander
   de9aa7e89b98157d2650f25691e40711b8404151 in linux-6.18.y/6.18.23
   75519f5df2a9b23f7bf305e12dc9a6e3e65c24b7 in mainline linux

   drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat

   From Sebastian Brzezinka
   2af8b200cae3fdd0e917ecc2753b28bb40c876c1 in linux-6.18.y/6.18.23
   4c71fd099513bfa8acab529b626e1f0097b76061 in mainline linux

   7.9-current
   ok deraadt@

   correctly set extended type for client-side channels. Fixes
   interactive vs bulk IPQoS for client->server traffic. ok job@

   login_chpass: No longer need to install this setuid root

   When the YP code was removed login_chpass became wrapper that just
   execs login_lchpass.

   OK deraadt@

   Terminate SMBIOS vendor/product matching at first match.

   ok jsg@, tobhe@, deraadt@

   Extend the SEV bounce buffer implementation to make it usable for bouncing
   memory that isn't DMA reachable.

   ok deraadt@

   Get rid of the COM_CONSOLE ifdef maze.  This was introduced for sparc
   which is no longer with us.

   ok jsg@

   floating point state leakage can be observed on AMD Zen/Zen+ (Zen 1)

   This was discovered by the Rootsec research group at the CISPA Helmholtz
   Center for Information Security.  Rootsec named the problem
   Floating Point Divider State Sampling (FP-DSS).

   Do AMD's suggested mitigation, setting a chicken bit in an MSR.

   https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7053.html
   https://roots.ec/blog/fpdss/

   ok deraadt@ brynet@

   Prevent buffer overflow by checking the correct counter.

   An attacker on the same layer 2 network can send rogue router
   advertisements, potentially crashing slaacd.

   from Maurice Hieronymus (mhi AT mailbox.org), thanks!
   from florian@; OK deraadt

   this is errata/7.7/039_slaacd.patch.sig

   Prevent buffer overflow by checking the correct counter.

   An attacker on the same layer 2 network can send rogue router
   advertisements, potentially crashing slaacd.

   from Maurice Hieronymus (mhi AT mailbox.org), thanks!
   from florian@; OK deraadt

   this is errata/7.8/033_slaacd.patch.sig