Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 5b7c8fd6 | 2025-02-17 09:25:45 | Simplify ECDH_size() by using BN_num_bytes() ok jsing | ||
| 2f5a0aea | 2025-02-17 08:56:33 | Get rid of unused `so' argument in sbreserve(). ok bluhm | ||
| edfe48e7 | 2025-02-17 08:39:50 | Reorder <sys/socketvar.h> by moving inline functions to the end. ok bluhm | ||
| 4df8ba73 | 2025-02-17 05:00:06 | reduce diff to linux | ||
| ae0be371 | 2025-02-16 16:05:07 | Use shared socket lock for NFS. The socket functions that are called by NFS code are MP safe. Shared net lock together with socket lock is sufficient. OK mvs@ | ||
| c48feb94 | 2025-02-16 13:07:08 | Argument order fix for m_gethdr ok martijn@ claudio@ bluhm@ | ||
| 3411e7e2 | 2025-02-16 11:39:28 | Revert SMR protection of rt_gwroute. Using a smr_barrier() in rt_putgwroute() slows down adding routes. This is the hot path for BGP router. Syncing the FIB is now taking ages and the system is close to unrespnsive in that time. found by claudio@ | ||
| af99e056 | 2025-02-16 11:27:23 | sync | ||
| c129e66c | 2025-02-16 10:11:37 | Add support for reading eeprom pages for the few cards with SFP slots. ok dlg@ | ||
| f3e19b3a | 2025-02-16 09:15:54 | hook opam-module.5 page in man5/Makefile reminder by tb@ | ||
| ab7d5da6 | 2025-02-16 09:03:31 | add opam-module.5 man page to document sysutils/opam module. with help from jmc@ | ||
| 96ec60f5 | 2025-02-15 21:49:28 | Fail hard with mutex assertion if socket buffer is not locked. OK mvs@ | ||
| a1e112ca | 2025-02-15 11:55:17 | call intel_fbdev_invalidate() at the end of intelfb_create() Avoids a problem seen with the (Alder Lake) Framework 13 after the 6.12 drm update. Userland console output did not display without switching to a virtual terminal and back. Not all Alder Lake machines, T14 Gen 3 Intel worked as expected before this change. reported and tested by matthieu@ | ||
| 5c4be1f5 | 2025-02-15 09:05:15 | sys/uvideo: clarify bulk endpoint stream closure UVC does not specify how to notify a bulk-based device when the video stream stops. Both Linux and Windows send a CLEAR_FEATURE(HALT) request to the video streaming bulk endpoint. OK: mglocker@ | ||
| ecbcc43a | 2025-02-15 06:48:56 | - use \& when contructs like "e.g." end a line, to avoid double spacing - macro is Qq not Oq | ||
| 3b0301ee | 2025-02-15 01:52:07 | add "Match version" support to ssh_config. Allows matching on the local version of OpenSSH, e.g. "Match version OpenSSH_10.*" ok markus@ | ||
| ecd65cd4 | 2025-02-15 01:50:47 | Add support for "Match sessiontype" to ssh_config. Allows matching on the type of session requested, either "shell" for interactive sessions, "exec" for command execution sessions, "subsystem" for subsystem requests, such as sftp, or "none" for transport/forwarding-only sessions. ok markus@ | ||
| b568ccc6 | 2025-02-15 01:48:30 | "Match command ..." support for ssh_config to allow matching on the remote command specified on the commandline. Also relaxes matching rules for `Match tagged` to allow `Match tagged ""` to match an empty tag value. This also works for command. ok markus@ | ||
| e245266b | 2025-02-14 19:38:59 | sync | ||
| 8d246409 | 2025-02-14 18:42:43 | It is important that we map memory with the right attributes otherwise we may trigger an SError. The crashlog entries for the SMC live in SRAM which needs to be mapped as device memory. To make this possible, make the rk_logmap() rtkit callback function return the desired memory attributes in the low bits of the address, using PMAP_NOCACHE or PMAP_DEVICE defines. Rewrite the DCP implementation of rk_logmap() to do a better job ati determining the correct mapping. The current code would fail in some cases (i.e. on the M1 Pro MacBook Pro) and map some unused address as normal non-cachable which could also trigger an SError. ok jca@ | ||
| 4a7354f2 | 2025-02-14 18:36:04 | Add support for device mappings in pmap_kenter_pa(9) the same way we handle those in pmap_enter(9). ok jca@ | ||
| e8902928 | 2025-02-14 13:29:00 | Add the kern.audio.kbdcontrol sysctl(2) variable If set to 0, the volume keys on multimedia keyboards are handled as regular keys, allowing programs to use them. The default is 1, i.e. the current behavior. ok armani, kettenis, mvs | ||
| 51442b8a | 2025-02-14 13:14:13 | add tunneldf support to sec(4) sec(4) is a very thin wrapper around the existing ipsec output processing for encapsulating packets, and inherited the behaviour that the DF flag was propagated from the encapsulated packet to the outer ip header. this means if the sec(4) interface has a large mtu and is carrying packets with DF set over a network that can't transport large(r) packets, these packets are effectively dropped. ipsec applied via the SPD copes with this by having SAs figure out the path mtu and using that when applying policy, but sec(4) is an interface, so the network stack uses the interface mtu rather than the associated SA path mtu. rfc4459 discusses this kind of problem has offers a variety of solutions. this implements one of the simpler options, which is to allow the tunnel endpoints to manage the DF regardless of the payload and reassemble the encapsulated packets. to actually do this, ipsec output packet processing has to be able to take an argument that says how you want DF to be handled. in the future we're going to look at how we can use the path mtu determined by the ipsec SA to try and implement one of the other solutions from the RFC, which is to signal the lower mtu to the sources of tunnelled packets. tested by and ok claudio@ | ||
| 4eb9c9dc | 2025-02-14 12:01:58 | Replace Makefile based SHA*_ASM defines with HAVE_SHA_* defines. Currently, SHA{1,256,512}_ASM defines are used to remove the C implementation of sha{1,256,512}_block_data_order() when it is provided by assembly. However, this prevents the C implementation from being used as a fallback. Rename the C sha*_block_data_order() to sha*_block_generic() and provide a sha*_block_data_order() that calls sha*_block_generic(). Replace the Makefile based SHA*_ASM defines with two HAVE_SHA_* defines that allow these functions to be compiled in or removed, such that machine specific verisons can be provided. This should effectively be a no-op on any platform that defined SHA{1,256,512}_ASM. ok tb@ | ||
| e9994d6d | 2025-02-14 08:08:05 | With ACPI >= 5, assume UEFI and default to GPT Add another criteria besides efifb(4) attaching to determine whether the installer booted in UEFI mode and not stick with MBR in such cases. This at least avoids "An EFI/GPT disk may not boot. Proceed?" on some boxes. With deraadt kettenis beck | ||
| 4b5fa149 | 2025-02-14 06:25:00 | Cope with recent changes and pull in sys/rwlock.h. | ||
| c33cf9b0 | 2025-02-14 04:56:26 | Enable mtrng(4). ok kettenis@ | ||
| 9c575bff | 2025-02-14 03:15:06 | Add manual page for mtrng(4). ok kettenis@ | ||
| e04b0fdd | 2025-02-14 03:11:05 | Add mtrng(4), supporting the 32-bit random number generator on MediaTek SoCs. ok kettenis@ | ||
| dddbedba | 2025-02-13 21:01:34 | Fix route entry race when accessing rt_gwroute. Kassert in rt_getll() was triggered as rt_gwroute could be NULL. Problem was introduced by shared netlock around tcp_timer_rexmt(). PMTU discovery calls rtrequest_delete() which was missing proper locking around rt_gwroute. As rt_getll() is called by ARP and ND6 resolve in the hot path, use SMR to provide the pointer to rt_gwroute lockless. Reference count of the returned route is incremented, caller has to free it. Modifying rt_gwroute or rt_cachecnt in rt_putgwroute() is protected by per route lock. OK mvs@ | ||
| 88a67239 | 2025-02-13 19:54:44 | Remove leftover code from a previous iteration of this and which should have been removed before committing this in the first place. | ||
| ea26dbcb | 2025-02-13 16:31:25 | Add a note about C-r and C-s behaviour, GitHub issue 4309. Also add a missing word, from jmc@. | ||
| 9470f526 | 2025-02-13 14:44:33 | Get rid of unused `so' argument in sbrelease(). No functional changes. ok bluhm | ||
| babf29f6 | 2025-02-13 12:39:15 | Remove socket lock from soo_ioctl(FIOASYNC). The socket buffer flags are protected by socket buffer mutex. Neither socket lock nor net lock are needed anymore. OK mvs@ | ||
| 715c64a6 | 2025-02-13 11:19:49 | ec_mont_group_set_curve: convert to BN_MONT_CTX_create() and simplify This removes the penultimate internal call of BN_MONT_CTX_new(). The last one could be removed at the cost of introducing a BN_MONT_CTX_dup(), which probably isn't worth it. ok jsing | ||
| 955ad9dd | 2025-02-13 11:18:00 | dsa_gen: convert to BN_MONT_CTX_create() This can now be a single call before the BN_MONT_CTX is actually used rather than two calls separated by 170 lines. ok jsing | ||
| 0695c23a | 2025-02-13 11:15:09 | Convert bn_exp to BN_MONT_CTX_create() This simplifies the handling of the BN_MONT_CTX passed in and unifies the exit paths. Also zap some particularly insightful comments by our favorite captain. ok jsing | ||
| cce9f024 | 2025-02-13 11:10:01 | Convert BPSW to BN_MONT_CTX_create() ok jsing | ||
| eda5102e | 2025-02-13 11:09:51 | Convert BN_MONT_CTX_set_locked() to BN_MONT_CTX_create() ok jsing | ||
| f5061072 | 2025-02-13 11:04:20 | bn: add internal BN_MONT_CTX_create() This does what the public BN_MONT_CTX_new() should have done in the first place rather than doing the toolkit thing of returning an invalid object that you need to figure out how to populate and with what because the docs are abysmal. It takes the required arguments and calls BN_MONT_CTX_set(), which all callers do immediately after _new() (except for DSA which managed to squeeze 170 lines of garbage between the two calls). ok jsing | ||
| 44a9493f | 2025-02-12 21:41:53 | Use shared net lock in sysctl fill file. The macro FILLINPTABLE() already uses shared net lock for fill_file(). The FILLIT() sysctls should do the same instead of grabbing exclusive net lock. OK mvs@ | ||
| bd92615b | 2025-02-12 21:28:10 | Use socket lock for inpcb notify. The notify and ctlinput functions were not MP safe. They need socket lock which can be aquired by in_pcbsolock_ref(). Of course in_pcbnotifyall() has to be called without holding a socket lock. Rename in_rtchange() to in_pcbrtchange(). This is the correct namespace and the functions take care of the inpcb route. OK mvs@ | ||
| 4116b2d2 | 2025-02-12 21:22:15 | recp -> reciprocal renaming in tests | ||
| 3ca91234 | 2025-02-12 21:21:34 | Rename BN_mod_exp_recp() to BN_mod_exp_reciprocal() (leaving out a dotasm comment that would become harder to read than it already is) | ||
| eb8501b6 | 2025-02-12 20:18:31 | Fix ddb machine sysregs stack overflow. In 64-bit mode, the operand size of SIDT and SGDT instructions is 8+2 bytes. On amd64 ddb command 'machine sysregs' reserved only int64_t, resulting in a stack overflow. Use struct region_descriptor which has the correct memory layout for IDTR and GDTR. Allow to call db_sysregs_cmd() also with single processor kernel. from Sebastian Sturm; OK deraadt@ miod@ | ||
| b57ea41b | 2025-02-12 19:33:20 | Make the filename for the config file const since it should not be modified. OK tb@ | ||
| 7bceecc6 | 2025-02-12 16:49:56 | Replace hand-rolled list foreach loops with corresponding FOREACH_SAFE In most cases this is obvious the tricky ones are in name2id.c where the cleaned up code is a fair bit easier to read. OK tb@ | ||
| e38e22e0 | 2025-02-12 16:40:51 | Move * around in prototype. | ||
| 99f2f888 | 2025-02-12 14:11:26 | Changes to the per-process unveil datastructures can be raced by either pledge() [removing all path promises] or unveil() [adding new paths], against namei() inspecting in other thread system calls. Detailed locking for this would make future work on vfs unlocking difficult, so use the simplest way for now: SINGLE_UNWIND ok claudio | ||
| bc46d05f | 2025-02-12 13:10:13 | Improve control_imsg_relay() error handling and move the peer check to session imsg dispatch where all other checks are as well. OK tb@ | ||
| 705b70e0 | 2025-02-11 22:27:09 | Implement support for SVE (Scalable Vector Extension) on arm64. ok patrick@ | ||
| d800967e | 2025-02-11 20:43:46 | clarify behaviour of -s option; from jan stary ok millert | ||
| 0eb55e79 | 2025-02-11 19:28:45 | Make session_update take a struct peer pointer as first argument like all other functions in packet processing. While there also improve the "no such peer" error message so that it is clear which one was triggered. OK tb@ | ||
| 10a2be2b | 2025-02-11 16:22:37 | Fix stupid bug in previous (handle _CID being a Package type) | ||
| d47bdb84 | 2025-02-11 14:58:11 | Keep the new p_pledge field struct proc in sync upon execve(2). Regression caught by regress/sys/kern/pledge/execpromise. ok deraadt@ | ||
| dc62a47c | 2025-02-11 14:44:52 | If rpki-client kills an rsync process via SIGTERM ignore the SIGTERM exit. Do not treat that SIGTERM as an unexpected program termination that should be reported and have rpki-client exit non-zero at the end of its run. rsync intercepts the SIGTERM and exits but openrsync does not so this only affects openrsync. Problem noticed by job@ OK tb@ | ||
| 783dad9c | 2025-02-11 14:29:05 | Clear the right memory in the RFC 8950 handling inside capa_neg_calc(). Obvious copy paste error which was harmless. OK tb@ | ||
| 3d82e387 | 2025-02-11 12:55:05 | bring back local change to disable panel self refresh should re-resolve display issues on Dell XPS 13 7390 reported by James Cook on bugs@ | ||
| 06a6b4fa | 2025-02-11 12:07:26 | Handle _CID being a Package type, in which case we'll use the first item in the Package as the cid value to match against. This will allow pckbc@acpi to match on some chromebooks. ok kettenis@ | ||
| e0b0180b | 2025-02-11 07:54:52 | define CONFIG_FRAMEBUFFER_CONSOLE used in inteldrm when deciding if an fb is too big for stolen memory | ||
| 8d506a4c | 2025-02-11 05:18:02 | make totalram_pages() return long needed as callers shift the result left by PAGE_SHIFT without casting | ||
| e79a733a | 2025-02-11 03:54:20 | avoid %pR format strings in intel_memory_regions_hw_probe() debug | ||
| d288aa1f | 2025-02-10 23:19:26 | include arguments the command was invoked with, and operating system name, version and architecture in startup debugging output; ok dtucker | ||
| c6789490 | 2025-02-10 23:16:51 | include line number in Match debug messages, makes it a little easier to see what's going on | ||
| c7df606a | 2025-02-10 23:00:29 | fix "Match invalid-user" from incorrectly being activated in initial configuration pass when no other predicates were present on the match line | ||
| ebbd7b19 | 2025-02-10 20:40:26 | Fix pasto. Spotted by FUKAUMI Naoki. | ||
| 42051861 | 2025-02-10 18:09:10 | Print error message about missing config file. dhc6leased(8) does not work without one, as oposed to dhcpleased(8) from where this code came. Noticed by claudio. | ||
| e68d79e3 | 2025-02-10 16:45:46 | A syzkaller report was diagnosed by semarie, and found a namei-related sleeping system call which was re-inspecting p->p_p->ps_pledge in one thread, after another thread had reduced the promises by calling pledge(), with promises which would have prevented that syscall from being called in the first place. This inconsistant promise view is dangerous. So let's change pledge semantics a tiny bit: We copy the per-process p_p->ps_pledge value to per-thread p_pledge at invocation of each system call, so that the configuration is stable. This method avoids increasing the cost of pledge checks. ok claudio kettenis semarie | ||
| ba453f40 | 2025-02-10 15:06:57 | Fix TCP maximum segment size with IPsec. When IPsec is used, if_get(m->m_pkthdr.ph_ifidx) returns enc0. Its if_mtu is 0 which results in negative mss. After fixing a signed integer comparison bug with imax(), tcp_mss_adv() used mssdflt, which is 512. So the TCP SYN cache sent packets with a small maximum TCP segment number. The underlying problem is, that SYN cache used the incoming interface m->m_pkthdr.ph_ifidx for the outgoing MTU. The correct way is to use the route of the destination address like tcp_mss() does it. The SYN cache has a struct route which can be used. An additional route lookup does not happen as the route is cached and will be reused by ip_output(). OK mvs@ | ||
| 72218500 | 2025-02-10 14:42:13 | Fix spelling in log warnings Thanks to Marco D'Itri for reporting | ||
| 719e8131 | 2025-02-10 11:41:19 | Although one would expect systems emulating the legacy PS/2 keyboard controller to do this faithfully, there are more and more systems which use creative interrupt configurations differing from the ISA defaults, and cause pckbc@isa to not behave correctly, making these keyboards (and sometimes trackpads, too) unusable. This commit introduces a pckbc@acpi attachment, which will attach instead of pckbc@isa if it detects an interrupt configuration which would not be handled correctly by the isa attachment. This unbreaks, among other things, the keyboards in various ChromeBook. ok kettenis@, thanks to everyone who tested. | ||
| 4f6ac763 | 2025-02-10 09:42:09 | avoid %pV %ps format strings in __drm_dev_vprintk() | ||
| 170d0829 | 2025-02-10 09:28:00 | stop printing pid and calling function in dev_printk() | ||
| 76a5afcb | 2025-02-10 08:18:23 | Align index numbers in trees, from David Mandelberg, GitHub issue 4360. | ||
| a5de3193 | 2025-02-10 08:14:32 | Add display-message -C flag to update pane while message is displayed, GitHub issue 4363 from Vitaly Ostrosablin. | ||
| 0ebf3621 | 2025-02-10 01:51:11 | drm/amd/display: Add hubp cache reset when powergating From Aric Cyr 8eb4d51b44c7f79e27bef8dbb4f1f068c10396f4 in linux-6.12.y/6.12.13 01130f5260e5868fb6b15ab8c00dbc894139f48e in mainline linux | ||
| e26ddf00 | 2025-02-10 01:48:29 | drm/amd/display: Reduce accessing remote DPCD overhead From Wayne Lin f488b53b54435f9ac5fe897b0e483a91240ee5f4 in linux-6.12.y/6.12.13 adb4998f4928a17d91be054218a902ba9f8c1f93 in mainline linux | ||
| a664c55f | 2025-02-10 01:44:13 | drm/amdgpu: fix gpu recovery disable with per queue reset From Jonathan Kim d9cc477e77c622f3b595c62b1f37563c7d641214 in linux-6.12.y/6.12.13 86bde64cb7957be393f84e5d35fb8dfc91e4ae7e in mainline linux | ||
| 9ab9d937 | 2025-02-10 01:42:40 | Revert "drm/amdgpu/gfx9: put queue resets behind a debug option" From Alex Deucher fd3ea4d5493f4907d9e1f2834dcd3742ab158446 in linux-6.12.y/6.12.13 32f00289698189b813942f37626218fd473e7302 in mainline linux | ||
| 00fe0701 | 2025-02-10 01:40:19 | drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() From Jiang Liu 495497c6e7f7a175f6f28b733408eff834a31e13 in linux-6.12.y/6.12.13 60a2c0c12b644450e420ffc42291d1eb248bacb7 in mainline linux | ||
| 12a4c494 | 2025-02-10 01:38:56 | drm/amdgpu/vcn: reset fw_shared under SRIOV From Bokun Zhang 833b813b7fdab90220a0938953586ed3a87d7076 in linux-6.12.y/6.12.13 3676f37a88432132bcff55a17dc48911239b6d98 in mainline linux | ||
| f9813dd0 | 2025-02-10 01:37:28 | drm/connector: Allow clearing HDMI infoframes From Derek Foreman 4128fb6a69bf3bf8032bfdeb0cc6919b80a428b2 in linux-6.12.y/6.12.13 d34357743b360c99903b5a59daab08f55b2f41a1 in mainline linux | ||
| 30cdf4b4 | 2025-02-10 01:35:22 | drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table From Ivan Stepchenko 0b97cd8a61b2b40fd73cf92a4bb2256462d22adb in linux-6.12.y/6.12.13 357445e28ff004d7f10967aa93ddb4bffa5c3688 in mainline linux | ||
| 9b0ca61c | 2025-02-10 01:32:56 | drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() From Christophe JAILLET e656f04ecd52c63cb4ced21bb933d327dd547aa2 in linux-6.12.y/6.12.13 a3300782d5375e280ba7040f323d01960bfe3396 in mainline linux | ||
| 275cd30c | 2025-02-09 18:24:08 | In a section 1 manual, use the plain English words "standard output" rather than the overly technical abbreviation "stdout" - we are not talking about a device file or a FILE * object here. Issue reported by <onf at disroot dot org> on the groff mailing list. | ||
| 045bbcac | 2025-02-09 18:15:23 | Fix a markup glitch: In a section 1 manual, use the plain English words "standard output" rather than the overly technical abbreviation "stdout" - we are not talking about a device file or a FILE * object here. Issue reported by <onf at disroot dot org> on the groff mailing list. | ||
| 6021acf1 | 2025-02-09 12:14:13 | Factor out the logic on how to stop a process from single_tread_set() into process_stop(). This logic will be used by the signal stop code soon. OK mpi@ | ||
| d2e1daa0 | 2025-02-08 10:12:00 | Cache CRLs in issuer cache The issuer cache holds a pair of SHA-512 of parent and child cert plus the result of the signature verification. Since CRLs also have a cached hash of their DER, we can easily add them to the same cache. This way we also avoid the cost of repeated signature verification for CRLs. For ordinary workloads the cache is larger than necessary and it won't currently take up more space than ~8M anyway, so the cost of doing this is negligible. For applications like rpki-client where the same (CA, CRL) pair is used to verify multiple EE certs, the gain is significant. In fact, the current worst case is a single pair being used for > 50k EE certs, responsible for about 20-25% of the total runtime of an ordinary rpki-client run if a hw-accelerated version of SHA-2 is available and even more if it isn't. In both cases the cost of processing of this pair is reduced by more than an order of magnitude. The implementation is a translation of x509_verify_parent_signature() to the case of CRLs and is entirely trivial thanks to the cache's design. Found while investigating a performance bottleneck found by job tested by job ok beck | ||
| 2347e6ed | 2025-02-08 03:41:36 | Move X509_NAME_print() next to its only internal caller Fix includes while there | ||
| bd8a446d | 2025-02-08 01:11:55 | rework "Default IPv6 router?" to behave like the rest The only interactive question backed by ksh(1)'s select has a few drawbacks: no ! or ? support, no record in the response file and unexpected behaviour. Switch to ask_until() like 'Default IPv4 route?' and 'Access Point?' to fix all this; now one can drop into a shell without restarting an install to follow route(8)'s last EXAMPLE. florian likes it OK afresh1 | ||
| 953cafab | 2025-02-08 01:04:56 | x509_verify_parent_signature(): no need to bump pkey's refcount The parent certificate outlives the signature check, so we don't have to take a refcount of its pubkey and then release it again. ok beck | ||
| 71686e93 | 2025-02-08 01:01:31 | x509_verify: missing verify error on cached signature mismatch If a signature mismatch is cached, the same error should be passed to the verify callback as if the mismatch was detected by doing the calculation, rather than falling back to the "unable to find the issuer cert locally". ok beck | ||
| 24e5b720 | 2025-02-07 23:08:48 | Respect checksum offloading in dhcrelay(8) and dhcrelay6(8). When sending IP packets over virtual machines on the same host, vio(4) can offload the checksum and never calculate it. As neither sender nor host calculate checksum, it is always wrong, and the receiver has to check a flag. A similar fix has been commited to dhcpleased(8) and dhcpd(8). RFC 1071 recommends to verify the checksum by calculating it over the packet including the checksum and compare to 0. That is also what our kernel does. Convert the logic to that algorithm. tested and OK jan@ | ||
| 3b1132f5 | 2025-02-07 22:05:15 | Print RAS and SVE CPU features. ok tb@, mglocker@ | ||
| c0f05be6 | 2025-02-07 21:56:04 | Rework checksum validation for incoming UDP in dhcpleased(8). RFC 1071 recommends to verify the checksum by calculating it over the packet including the checksum and compare to 0. That is also what our kernel does. Convert the logic in dhcpleased(8) to that algorithm. tested and OK jan@ | ||
| 17e47b48 | 2025-02-07 21:48:26 | Respect checksum offloading for incoming UDP in dhcpd(8). When sending IP packets over virtual machines on the same host, vio(4) can offload the checksum and never calculate it. As neither sender nor host calculate checksum, it is always wrong, and the receiver has to check a flag. A similar fix has been commited in dhcpleased(8) a while ago. RFC 1071 recomends to verify the checksum by calculating it over the packet including the checksum and compare to 0. That is also what our kernel does. Convert the logic in dhcpd(8) to that algorithm. tested and OK jan@ markus@ | ||
| a57a1649 | 2025-02-07 21:22:23 | sync from unbound-1.21.1 to avoid some whitespace diffs | ||
| c25c3844 | 2025-02-07 17:25:50 | grow size of media | ||
| d3bc0aaa | 2025-02-07 13:37:11 | whitespace | ||
| 4ce92a75 | 2025-02-07 11:57:17 | reduce the diff to linux |