OpenBSD/src gzRLkK5sys/arch/amd64/amd64 acpi_wakecode.S locore0.S, sys/arch/amd64/include cpufunc.h

   Clear %dr6 and %dr7 on boot and on resume from suspend, in case the
   BIOS uses but doesn't reset them.  Display their values in trap_print()
   if it's a trace trap.

   problem observed on a MacPro6,1 by mglocker@
   ok deraadt@ mglocker@
VersionDeltaFile
1.44+20-1sys/arch/amd64/include/cpufunc.h
1.51+6-1sys/arch/amd64/amd64/acpi_wakecode.S
1.27+6-1sys/arch/amd64/amd64/locore0.S
1.107+3-1sys/arch/amd64/amd64/trap.c
+35-44 files

OpenBSD/src XVnNDpqshare/man/man8 starttls.8 afterboot.8

   clean up and revise some wording.
   delete lots of junk that maybe sounded good 20 years ago in starttls.8
   ok benno jmc
VersionDeltaFile
1.29+8-36share/man/man8/starttls.8
1.175+10-10share/man/man8/afterboot.8
1.34+1-5share/man/man8/boot_config.8
+19-513 files

OpenBSD/src tLsPieSlibexec/reorder_kernel reorder_kernel.sh

   just run make reconfig here, now that target exists
VersionDeltaFile
1.15+2-2libexec/reorder_kernel/reorder_kernel.sh
+2-21 files

OpenBSD/src uYhEQJjsys/arch/alpha/conf Makefile.alpha, sys/arch/amd64/conf Makefile.amd64

   lucas pointed out that config failure could be swalled by true.
   use a new incantation suggested by tb.
VersionDeltaFile
1.113+2-2sys/arch/sparc64/conf/Makefile.sparc64
1.142+2-2sys/arch/amd64/conf/Makefile.amd64
1.120+2-2sys/arch/alpha/conf/Makefile.alpha
1.54+2-2sys/arch/arm64/conf/Makefile.arm64
1.59+2-2sys/arch/armv7/conf/Makefile.armv7
1.113+2-2sys/arch/hppa/conf/Makefile.hppa
+12-128 files not shown
+28-2814 files

OpenBSD/src 442bfuPusr.bin/pkgconf/man pkgconf.1

   sort options list; no text or markup change;
   accepted and pushed upstream by Ariadne Conill
VersionDeltaFile
1.3+124-127usr.bin/pkgconf/man/pkgconf.1
+124-1271 files

OpenBSD/src Hae49uZusr.bin/ftp fetch.c

   When auto-fetching files:
    1. Error out when a command line argument that is supposed to specify
       a URL does not contain a colon, rather than silently ignoring all
       subsequent arguments including the bad one and reporting spurious
       success.  This can only happen for a bad argument following a valid
       URL argument.
    2. The check whether the "host" part of a URL is empty was ineffective.
       Move it after cutting off the directory part to make it actually work,
       and let it print a meaningful error message.

   Issue 1 reported by Henrich Hartzer <h at hartzer dot sh> on tech@.
   Issue 2 found in my audit of the function triggered by the report.

   OK tedu@, and deraadt@ is "not worried"
VersionDeltaFile
1.219+12-7usr.bin/ftp/fetch.c
+12-71 files

OpenBSD/src tD3nkwisbin/mountd mountd.c

   Clear the resp buffer before calling getfh(). If getfh fails the response
   would leak stack memory to the less privileged process.

   Reported by S. Ai, H. Lefeuvre, Systopia team
   OK deraadt@
VersionDeltaFile
1.98+2-1sbin/mountd/mountd.c
+2-11 files

OpenBSD/src 2lrP24Qregress/lib/libcrypto/x509 x509_name_test.c Makefile

   merge the x509name test into x509_name_test.c

   Remove the old x509name test and its Makefile rule. Its logic has
   been fully integrated into x509_name_test.c using a new table-driven
   approach. Each x509 name entry is added and validated step by step,
   checking both the string representation produced by X509_NAME_print_ex()
   and the internal RDN set structure.

   This makes the test easier to extend and maintain, and eliminates the need
   for an external .expected file or output diff.

   From Kenjiro Nakayama (with tiny tweaks)
VersionDeltaFile
1.3+122-1regress/lib/libcrypto/x509/x509_name_test.c
1.25+3-7regress/lib/libcrypto/x509/Makefile
1.4+1-1regress/lib/libcrypto/x509/x509name.c
1.2+0-0regress/lib/libcrypto/x509/x509name.expected
+126-94 files

OpenBSD/src VRiwa0Eusr.bin/ssh PROTOCOL PROTOCOL.certkeys

   Now that there's an I-D for certificate keys, refer to that instead
   of the much more basic format description we had previously.
VersionDeltaFile
1.56+2-2usr.bin/ssh/PROTOCOL
1.21+1-1usr.bin/ssh/PROTOCOL.certkeys
+3-32 files

OpenBSD/src xVm6dGCusr.bin/ssh ssh-agent.1

   - add full stop to the text in -a
   - move the -U and -u text to the correct place
VersionDeltaFile
1.84+8-8usr.bin/ssh/ssh-agent.1
+8-81 files

OpenBSD/src zAeqagmusr.bin/ssh misc-agent.c

   missing file in previous commit
VersionDeltaFile
1.1+329-0usr.bin/ssh/misc-agent.c
+329-01 files

OpenBSD/src lSkMIEXusr.sbin/lldpd lldpd.c

   call an af_frame socket an af_frame socket
VersionDeltaFile
1.6+4-4usr.sbin/lldpd/lldpd.c
+4-41 files

OpenBSD/src nvMqKU1sys/arch/alpha/conf Makefile.alpha, sys/arch/amd64/conf Makefile.amd64

   try this again. reconfig kernel, now with || true if file doesn't exist.
VersionDeltaFile
1.148+5-2sys/arch/i386/conf/Makefile.i386
1.119+5-2sys/arch/alpha/conf/Makefile.alpha
1.141+5-2sys/arch/amd64/conf/Makefile.amd64
1.53+5-2sys/arch/arm64/conf/Makefile.arm64
1.58+5-2sys/arch/armv7/conf/Makefile.armv7
1.112+5-2sys/arch/hppa/conf/Makefile.hppa
+30-128 files not shown
+70-2814 files

OpenBSD/src DP7hwEesys/arch/alpha/conf Makefile.alpha, sys/arch/amd64/conf Makefile.amd64

   revert previous, need to adjust incantation to not fail by default
VersionDeltaFile
1.118+2-5sys/arch/alpha/conf/Makefile.alpha
1.140+2-5sys/arch/amd64/conf/Makefile.amd64
1.52+2-5sys/arch/arm64/conf/Makefile.arm64
1.57+2-5sys/arch/armv7/conf/Makefile.armv7
1.111+2-5sys/arch/hppa/conf/Makefile.hppa
1.147+2-5sys/arch/i386/conf/Makefile.i386
+12-308 files not shown
+28-7014 files

OpenBSD/src zUNNfU4usr.bin/ssh ssh-agent.c session.c

   Move agent listener sockets from /tmp to under ~/.ssh/agent for both
   ssh-agent(1) and forwarded sockets in sshd(8).

   This ensures processes (such as Firefox) that have restricted
   filesystem access that includes /tmp (via unveil(3)) do not have the
   ability to use keys in an agent.

   Moving the default directory has the consequence that the OS will no
   longer clean up stale agent sockets, so ssh-agent now gains this
   ability.

   To support $HOME on NFS, the socket path includes a truncated hash of
   the hostname. ssh-agent will by default only clean up sockets from
   the same hostname.

   ssh-agent gains some new flags: -U suppresses the automatic cleanup
   of stale sockets when it starts. -u forces a cleanup without
   keeping a running agent, -uu forces a cleanup that ignores the
   hostname. -T makes ssh-agent put the socket back in /tmp.

    [2 lines not shown]
VersionDeltaFile
1.312+79-31usr.bin/ssh/ssh-agent.c
1.342+4-30usr.bin/ssh/session.c
1.83+27-5usr.bin/ssh/ssh-agent.1
1.199+16-1usr.bin/ssh/misc.c
1.34+8-1usr.bin/ssh/pathnames.h
1.111+7-1usr.bin/ssh/misc.h
+141-694 files not shown
+147-7410 files

OpenBSD/src Bk3kUhuusr.bin/ssh monitor_wrap.c

   correct log messages; the reap function is used for more than just
   the preauth process now
VersionDeltaFile
1.139+4-4usr.bin/ssh/monitor_wrap.c
+4-41 files

OpenBSD/src cEVtJVisys/arch/alpha/conf Makefile.alpha, sys/arch/amd64/conf Makefile.amd64

   add a reconfig target to kernel installs, like reorder_kernel does
   after book. also change reorder_kernel to use [[ ]] shell tests.
   ok deraadt kn
VersionDeltaFile
1.117+5-2sys/arch/alpha/conf/Makefile.alpha
1.139+5-2sys/arch/amd64/conf/Makefile.amd64
1.51+5-2sys/arch/arm64/conf/Makefile.arm64
1.56+5-2sys/arch/armv7/conf/Makefile.armv7
1.110+5-2sys/arch/hppa/conf/Makefile.hppa
1.20+5-2sys/arch/riscv64/conf/Makefile.riscv64
+30-129 files not shown
+72-3015 files

OpenBSD/src lMhJ7txsys/dev/pci/drm/amd/amdgpu gfx_v11_0.c gfx_v10_0.c

   drm/amdgpu: Use the right function for hdp flush

   From Lijo Lazar
   54cbce4fe04bc6793178a3daff70fba2acbf7644 in linux-6.12.y/6.12.26
   c235a7132258ac30bd43d228222986022d21f5de in mainline linux
VersionDeltaFile
1.24+6-6sys/dev/pci/drm/amd/amdgpu/gfx_v11_0.c
1.18+4-4sys/dev/pci/drm/amd/amdgpu/gfx_v10_0.c
1.5+3-3sys/dev/pci/drm/amd/amdgpu/gfx_v12_0.c
1.14+2-2sys/dev/pci/drm/amd/amdgpu/gmc_v10_0.c
1.8+2-2sys/dev/pci/drm/amd/amdgpu/gmc_v11_0.c
1.4+2-2sys/dev/pci/drm/amd/amdgpu/gmc_v12_0.c
+19-194 files not shown
+23-2310 files

OpenBSD/src BjrOrFzsys/dev/pci/drm/amd/amdgpu amdgpu_gfx.c

   drm/amdgpu: use a dummy owner for sysfs triggered cleaner shaders v4

   From Christian Koenig
   0fd149c26281532ab840df440c6d1f7dfa1c6e90 in linux-6.12.y/6.12.26
   447fab30955cf7dba7dd563f42b67c02284860c8 in mainline linux
VersionDeltaFile
1.18+11-3sys/dev/pci/drm/amd/amdgpu/amdgpu_gfx.c
+11-31 files

OpenBSD/src 6GfrK9Usys/dev/pci/drm/amd/amdgpu amdgpu_gmc.c amdgpu.h

   drm/amdgpu: Increase KIQ invalidate_tlbs timeout

   From Jay Cornwall
   bbf2d060524764de6e84e5721c95c0a63aa4e6cf in linux-6.12.y/6.12.26
   3666ed821832f42baaf25f362680dda603cde732 in mainline linux
VersionDeltaFile
1.15+14-5sys/dev/pci/drm/amd/amdgpu/amdgpu_gmc.c
1.27+0-1sys/dev/pci/drm/amd/amdgpu/amdgpu.h
+14-62 files

OpenBSD/src iHmsN3Esys/dev/pci/drm/amd/display/amdgpu_dm amdgpu_dm.c

   drm/amd/display: Force full update in gpu reset

   From Roman Li
   1ae30272b992dd011f54c7659668ba5521a3c282 in linux-6.12.y/6.12.26
   67fe574651c73fe5cc176e35f28f2ec1ba498d14 in mainline linux
VersionDeltaFile
1.163+3-0sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c
+3-01 files

OpenBSD/src ts0n1dxsys/dev/pci/drm/amd/display/amdgpu_dm amdgpu_dm.c

   drm/amd/display: Fix gpu reset in multidisplay config

   From Roman Li
   3ff83378b6b1b59f6cf71d021a67fc68c3fb9221 in linux-6.12.y/6.12.26
   7eb287beeb60be1e4437be2b4e4e9f0da89aab97 in mainline linux
VersionDeltaFile
1.162+3-3sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c
+3-31 files

OpenBSD/src COyHCXRsys/dev/pci/drm/amd/display/dc/dml2 dml2_wrapper.c, sys/dev/pci/drm/amd/display/dc/dml2/dml21 dml21_wrapper.c

   drm/amd/display/dml2: use vzalloc rather than kzalloc

   From Alex Deucher
   b26ac563704cf5d0025f4af3290d4b88fa345a3a in linux-6.12.y/6.12.26
   cd9e6d6fdd2de60bfb4672387c17d4ee7157cf8e in mainline linux
VersionDeltaFile
1.6+6-5sys/dev/pci/drm/amd/display/dc/dml2/dml21/dml21_wrapper.c
1.5+4-2sys/dev/pci/drm/amd/display/dc/dml2/dml2_wrapper.c
+10-72 files

OpenBSD/src OSw5IB1sys/dev/pci/drm/amd/display/dc/dml2/dml21 dml21_wrapper.c

   drm/amd/display: Fix unnecessary cast warnings from checkpatch

   From Rohit Chavan
   50ec8c24286e528ecc60ebaf5121ae308b742a9c in linux-6.12.y/6.12.26
   c299cb6eafaf76d0cb4094623d6401c45d8bd0dc in mainline linux
VersionDeltaFile
1.5+3-3sys/dev/pci/drm/amd/display/dc/dml2/dml21/dml21_wrapper.c
+3-31 files

OpenBSD/src dGvTrkYsys/dev/pci/drm/include/drm/intel i915_pciids.h

   drm/xe/bmg: Add one additional PCI ID

   From Matt Roper
   0fdb612c2072c2d0f3dd36d1a1a18250526dfd48 in linux-6.12.y/6.12.26
   5529df92b8e8cbb4b14a226665888f74648260ad in mainline linux
VersionDeltaFile
1.3+1-0sys/dev/pci/drm/include/drm/intel/i915_pciids.h
+1-01 files

OpenBSD/src FNNtPV2share/man/man4 azalia.4

   remove outdated list of devices. ok jmc jsg
VersionDeltaFile
1.28+2-21share/man/man4/azalia.4
+2-211 files

OpenBSD/src WySWcj8sys/netinet in_pcb.c tcp_input.c, sys/netinet6 in6_pcb.c

   Fix race in TCP SYN cache get.

   Setting the local and foreign address of a newly created socket did
   not happen atomically.  During socket setup there was a small window
   for an incpb that had a bound laddr, but faddr was emtpy.  Although
   both listen and new socket are locked during syn_cache_get(),
   in_pcblookup_listen() could find the incpb of the new socket.  When
   a SYN packet of another connection arrived in parallel, it was
   processed with the socket under construction instead of the listen
   socket.

   Setting both faddr and laddr together in in_pcbset_addr() fixes the
   race.  The relevant code has been copied from in_pcbconnect().  The
   table mutex inpt_mtx guarantees that in_pcblookup_listen() finds
   the listen socket.

   bug found and fix tested by Mark Patruck; OK mvs@
VersionDeltaFile
1.313+35-18sys/netinet/in_pcb.c
1.148+41-2sys/netinet6/in6_pcb.c
1.443+3-14sys/netinet/tcp_input.c
1.167+7-4sys/netinet/in_pcb.h
+86-384 files

OpenBSD/src y3YBm66sys/nfs nfs_serv.c

   Do not allow readdir and readdirplus NFS operations on non-directory vnodes;
   from miod@, reported by Claes M Nyberg to bugs@, ok claudio@

   this is errata/7.7/001_nfs.patch.sig
VersionDeltaFile
1.131.4.1+9-1sys/nfs/nfs_serv.c
+9-11 files

OpenBSD/src CWBiip1sys/nfs nfs_serv.c

   Do not allow readdir and readdirplus NFS operations on non-directory vnodes;
   from miod@, reported by Claes M Nyberg to bugs@, ok claudio@

   this is errata/7.6/016_nfs.patch.sig
VersionDeltaFile
1.130.4.1+9-1sys/nfs/nfs_serv.c
+9-11 files

OpenBSD/src LpxEmi6sys/arch/amd64/include pmap.h

   Remove unused vtopte() inline function.
VersionDeltaFile
1.92+1-12sys/arch/amd64/include/pmap.h
+1-121 files