IABSD.fr/src

Log

Author Commit Date CI Message
9e77e174 2026-05-25 08:07:48 More of floating panes redraw path, still mostly using flags which are never set.
538c1292 2026-05-25 07:55:46 Preserve flags when creating new cells, from Brian Youngs.
2a42768b 2026-05-25 04:40:36 the waitpid() can only return a real pid. none of the error cases can occur. still, it is good style to check for != -1 before using WIFEXITED(). forgot where i heard about this.
ec233620 2026-05-25 02:24:07 don't use an uninitialised value for Chrome EC hello The Chrome EC hello command adds 0x01020304 to the value and returns. We don't check the result, so this wasn't a problem. With llvm 22 this caused a -Wuninitialized-const-pointer warning.
f33d081c 2026-05-25 01:56:50 remove unused cpuconf.h; ok deraadt@
dc5eabd1 2026-05-24 17:29:50 repair one more prototype for a pseudo-device attach function ok jsg@
3ca1fbf9 2026-05-24 16:29:51 sys/net80211: fix use-after-free in ieee80211_add_ess() From Andrew Griffiths
8e595912 2026-05-24 16:28:44 sys/net80211: fix mbuf leak in ieee80211_amsdu_decap() From Andrew Griffiths OK: stsp@
ec01c8d9 2026-05-24 16:24:54 net80211: fix integer underflow in EAPOL-Key Data length validation From Andrew Griffiths OK: stsp@
3dad08fe 2026-05-24 15:47:39 bump datasize of the build user to 2.5G on 64-bit arches The tight limit of 2176M for other 64-bit architectures was not enough for sparc64. On 64-bit systems we can afford to be a bit more generous. login.conf merges are always a bit fiddly. ok jca sthen
397a64f8 2026-05-24 15:43:32 llvm-tblgen with llvm22 on riscv64 requires 3072M from jca
dc7540f1 2026-05-24 10:36:01 Fix missing 'compatible' string NUL termination in case the compatible string is => 32 bytes, which caused an out-of-bounds read later on in the code path: - Mimic apliic(4), which uses malloc instead of a fix-width array for the compatible string. - Also set 'ia_namelen', which should enable parsing of a secondary compatible string, if it exists. ok jca@
6adc68a2 2026-05-24 08:40:43 Do not crash when freeing layout cell, reported by Jere Viikari.
222ca78c 2026-05-23 22:13:17 sys/nfs_debug: fixed a typo which broke show nfsreq /f OK: deraadt@
19a448b4 2026-05-23 16:43:04 Add missing argument to %unlinked-window-renamed, reported by Andrew Grangaard.
16f553ad 2026-05-23 14:56:20 also allow O_CLOEXEC flag in __pledge_open()
44dd746f 2026-05-23 12:27:41 sys/qwz: handle QoS in native WiFi frames Rebuild the QoS control field for native WiFi RX frames from descriptor metadata before passing them to net80211. On TX, strip the hostside QoS control field when using native WiFi encapsulation, after deriving the TID for the firmware descriptor. OK: mglocker@
3031afd3 2026-05-23 11:10:57 Use the global 'nowake' variable for tsleep which doesn't require wakeup. Suggested and ok jsg@
d477f745 2026-05-23 07:24:42 Add missing include for struct refcnt. Spotted while building ipcs(1). ok tb@
d9c11f67 2026-05-23 07:22:50 Some code tidying up.
19a8be4f 2026-05-23 05:11:32 Use the real sc address for tsleep identification instead of the stack pointer address. ok deraadt@
1957873d 2026-05-22 23:10:05 Introduce reference counters for SysV semaphores to fix the context switch use-after-free after tsleep in sys_semget(). sys___semctl() has no such problems, because we do complete reload and re-check of semaphore stuff, however I like to replace all of them with the only "semaptr != sema[ix]" check. The semaphore was changed, go to the beginning of sys___semctl() and acquire it again. Note, seminfo.semmni only grows, so even if `sema' array was re-allocated, the sema[ix] is still valid. "go for it" from deraadt
39531c96 2026-05-22 21:01:06 I've noticed slight hiccups on the keyboard input during the battery status update caused by the delay busy loop. Using tsleep instead resolves that.
719aa3a8 2026-05-22 18:11:08 bin/ksh: preserve tildes in completion Keep leading tilde expressions in the command line after file completion. Expanding ~user to pw_dir during editing bakes the result of an early passwd lookup into the command line; if the account changes before the command is executed, the command uses a stale pathname instead of the current ~user expansion. Completion still performs the lookup needed to enumerate pathname matches, but rewrites matches back to the spelling the user typed and does not leave a completion only lookup in the homedir cache. Also complete bare ~user prefixes from the passwd database, so ~us[TAB] can become ~user before pathname completion continues. Preserving tilde is the default behaviour. OK: deraadt@
dbd5cf8c 2026-05-22 15:22:43 Tighten up read-only checks on attach-session, detach-client and switch-client so that a user should be able to only detach their own client. Reported by John Walker.
df993a24 2026-05-22 11:55:43 Work out if a pane is obscured by another one when drawing.
9fe2e278 2026-05-22 10:12:40 Ignore packages with invalid prefixlen. Rogue router advertisements with a prefixlen > 128 would make slaacd exit with a fatal error, leading to a denial of service. The same issue exists in dhcp6leased where a rogue prefix delegation would make dhcp6leased exit with a fatal error, leading to a denial of service. Pointed out by Ivan of Quarkslab. input & OK deraadt
b016a3d7 2026-05-22 09:21:32 Use a union for the data passed around in tty_ctx instead of void *.
57b766cc 2026-05-22 09:05:16 Tidy up a load of different flags and special values in the tty_ctx into a single bitmask.
c3a83b69 2026-05-22 05:02:46 rfc3779 test: various minor tweaks - include length in hexdump output - show hexdumps also if lengths don't match - more comments and consistency
54bbd1fe 2026-05-22 04:41:35 rfc3779 regress: tweak order of variable declarations
8241b14a 2026-05-22 04:29:01 Cope with rde_generate_updates() being renamed to rde_enqueue_updates().
8b9ac1b0 2026-05-22 01:53:10 Add support for external account binding. If we're creating a new account with the ACME CA, and we have an EAB key and key ID specified with the new -e command line argument, compute the required hash of the account details and include it in the new account request. feedback from florian@ and tb@ tested against security/pebble and Digicert by me, and against Actalis by rroadrrunner at proton dot me. ok florian@ tb@
4bb57d40 2026-05-22 00:38:05 Attach ksmn(4) on 19h/1x devices Tested on: cpu0: AMD EPYC 9354P 32-Core Processor, 3250.01 MHz, 19-11-01, patch 0a101154 and fix the assertion ksmn_ccd_attach to allow for devices with 12 CCDs. ok brynet@ claudio@
a96b59b0 2026-05-21 21:12:04 Replace assert() with a graceful failure by aborting the http request. An overlong HTTP line can fill the receive buffer to its max but then http_get_line() would still return NULL trying to read more data. Since the buffer is full the assert would trigger. Now the http request is terminated. Reported by Frank Denis OK tb@
b5766400 2026-05-21 18:51:06 Add the proper mpe interfaces to IFACES so the initial check actually works
ca78e759 2026-05-21 15:20:27 Rename rde_generate_updates() to rde_enqueue_updates(). OK tb@
1fb58cfb 2026-05-21 14:56:34 relayd: remove X509_dup() call that leaks memory While there, add error checks for X509_set_{pubkey,issuer_name}(). From Marc Jorge
e4fe26f2 2026-05-21 14:48:58 For bgpctl show mrt detail print the last change time as an ISO format time. If abs_time is set then switch fmt_monotime() to absolute timestamps. This uses monotime_to_time, gmtime and strftime("%FT%TZ") to get an ISO format timestamp string. While there also adjust get_rel_monotime() to be more like monotime_to_time() and stop treating negative numbers as error. In fmt_monotime() check the monotime against 0 to print 'Never' for timers that are not running. With this bgpctl show mrt detail prints: Last update: 2019-05-08T20:03:06Z OK tb@
5a008c95 2026-05-21 13:28:17 Cleanup log messages in rde_prefix.c Try to not use function name in log messages and make them less developer focused. OK tb@
3e1dfdd5 2026-05-21 13:14:57 rfc3779 test: exercise IPAddressFamily_cmp a bit more This populates an IPAddrBlocks object with not all that sensible data and tests behavior of serialization and deserialization of this thing. Prior to x509_addr.c rev 1.96 this would call memcmp() on NULL.
01bb8549 2026-05-21 10:53:34 Add support for the RK8600 regulator used for cpu voltage on Radxa Zero 3 boards. ok kettenis@
188c3557 2026-05-21 07:28:51 Pane resizing code for floating panes, mostly by Michael Grant.
19a7e1ef 2026-05-21 05:33:20 Implement a better fix. The previous fix allowed to overflow in a different spot. This would still only lead to a crash, and would only be reachable by arbitrary users if the admin enabled the agentx socket, and set custom permissions. OK deraadt@, mvs@
e88944ec 2026-05-21 04:04:57 mention that compression could potentially leak information about session contents (cf. the CRIME attack on TLS) if a connection allows attacker-controlled traffic over it alongside trusted traffic. This might occur in some forwarding scenarios. with deraadt@
d047add8 2026-05-21 02:50:59 mention usefulness of request type allow/denylisting for servers accepting untrusted clients
830cbda0 2026-05-21 02:22:18 document EACCES if __pledge_open() in /usr/share/zoneinfo terminates on a non-regular file ok dgl
f06abd97 2026-05-21 02:20:53 only allow __pledge_open(2) to open regular files in the /usr/share/zoneinfo directory. other file types return EACCES. ok dgl
adc01af7 2026-05-20 20:55:57 In the vscsi_callback() handle ISCSI_SCSI_STAT_CHCK_COND more carefully. Especially the embedded sense data needs to be extracted respecting the real buffer length. Make sure at least 2 bytes are available for the length and also check that the resulting len is not bigger than the buffer itself. Reported by Frank Denis OK deraadt@
441fd885 2026-05-20 20:32:50 Also copy aspa_state and aspa_generation in path_copy() this way the linked db copy of the path gets the right ASPA cache data. OK tb@
3ed264f7 2026-05-20 19:08:10 sync
be9eb1ba 2026-05-20 18:33:21 Introduce a force_update flag to force pend_prefix_add() calls in adjout_prefix_update(). peer_dump() can be called with a preloaded Adj-RIB-Out and in that case the code needs to force updates out. This is done instead of walking the table twice -- once with peer_dump() and then with peer_blast(). Using the force_update flag there ensures that all entries are properly sent to the peer. OK tb@
f5d7ccb6 2026-05-20 15:43:07 sndiod: Allow control slots to have NULL opt pointer This case is not encountered yet, but to control non-audio properties the control slots must work with no opt structure.
3dcbd498 2026-05-20 15:29:46 Adjust last commit, the loop termination was not quite correct. Set pte to NULL before the inner pt_get loop so that the outer loop terminates correctly on (!found && pte != NULL). Since pte is NULL now plen needs to be set earlier as well. OK tb@
0de9dded 2026-05-20 14:56:38 sync
8f4934db 2026-05-20 14:00:59 Use clearer semantics on how rde_generate_updates is called. Adjust prefix_evaluate and prefix_evaluate_nexthop so that rde_generate_updates() is only called with a few options. Either new is valid or old is valid. If both are invalid then there is no need to call rde_generate_updates(). If both are valid only new matters and old_pathid_tx is set to 0. In prefix_evaluate() most calls are with either new or old set to NULL. If both are set then new->path_id_tx == old->path_id_tx. In prefix_evaluate_nexthop() if old was valid then new becomes invalid but if old was invalid new may still be invalid. OK tb@
64bedd8e 2026-05-20 13:53:17 Respect RTR min-version in the implicit downgrade path and release activity lock when closing the connection. Check min_version in the implicit downgrade case and error out if the suggested version is too low. Also trigger the RTR_EVNT_NEGOTIATION_DONE event only after parsing all of the header. If the PDU was bad don't trigger this event. In the rtr_fsm() when closing a connection check the state of the active_lock and if the lock is held, reset the cache, release the lock and recalculate the sets. The internal state is corrupt if a connection error triggered during an exchange so it makes no sense to carry a bad cache around. OK tb@
cc1ae2aa 2026-05-20 13:27:41 sndiod: Add a reference counter to the port structure Using a counter is simpler than (ab-)using the midi endpoint bitmaps to figure out if the port is in use. In turn this allows holding a reference to the port without involving midi endpoint connections. This change also reduces the differences between MIDI ports and audio devices: less logic, less bugs.
aeb04560 2026-05-20 13:26:57 sndiod: When connecting midi endpoints, check their modes As sndiod always uses IN|OUT, the behavior is unchanged.
712016e9 2026-05-20 13:26:02 sndiod: Save a pointer to the struct opt associated to the midi endpoint As the socket code holds a reference to the struct opt, it's simpler to just save it and release it when the socket is closed. This avoids iterating over the full set of midi endpoint structures. No behavior change
eae1ec4b 2026-05-20 13:24:58 sndiod: Unlink the MIDI port from the socket when it's closed Not unlinking the port is bad style and might keep the port open after the socket is closed.
ae684bfa 2026-05-20 13:15:31 sndioctl: Allow list elements to be added or removed
715c3a87 2026-05-20 13:12:31 sndioctl: Split the parse_modeval() function No behavior change
40c5a1ee 2026-05-20 13:03:14 sndiod: Fix confusion between OPT_NMAX and DEV_NMAX Both macros have the same value, so no behavior change.
3388eece 2026-05-20 13:02:04 sndiod: Add the server.mode control making the setting dynamic The default mode remains "-m play,rec" but now it can be changed with sndioctl(1). If the server is switched to play-only mode, then existing clients will start recording silence. Similarly if it's switched to rec-only mode, clients are muted. ok armani, deraadt, rsadowski
05603cc9 2026-05-20 10:56:46 Increase escape delay if the buffer contains a partial paste end, fixes issues with at least Windows Terminal. From jing dot empty at gmail.com GitHub issue 5088.
18679607 2026-05-20 09:56:56 Walk all covering routes for bgpctl show rib out <IP> If a more specific route is filtered in the Adj-Rib-Out then the initial pt_lookup() call will return a route that does not match. By walking up if nothing was found the exported route is eventually found. OK tb@
2d03e0d5 2026-05-20 08:54:40 Some more trivial floating panes bits.
1e581a65 2026-05-20 07:49:55 increase alignment to avoid 'error: Relocation not aligned' with llvm 22 ok kettenis@
e11f9acf 2026-05-20 06:23:13 Solve the signed integer overflow in flush_line() sort
4cd34baf 2026-05-20 04:23:32 add more AMD "Krackan Point" device ids based off a ThinkPad X13 Gen 6 / 21RM dmesg from claudio@ ok claudio@
a439a24c 2026-05-20 04:22:12 add more AMD "Krackan Point" device ids based off a ThinkPad X13 Gen 6 / 21RM dmesg from claudio@ ok claudio@
d39f5479 2026-05-19 21:15:21 Fix memory leak when freeing rx descriptors. ok kettenis@
b68ca756 2026-05-19 20:32:59 Pre-allocate the bus dma maps for the rxbufs to avoid calling bus_dmamap_create(9) from interrupt context. ok mglocker@
2c624edb 2026-05-19 17:50:23 Do not zeroize already zeroed buffer in sysctl_sysvipc(). The KERN_SYSVIPC_SEM_INFO case was a part of the big semaphores diff, KERN_SYSVIPC_SHM_INFO case to the next one. ok deraadt
309af577 2026-05-19 16:56:59 Implement bounce buffers for arm64. Almost identical to the riscv64 version, but for now this strips the BUS_DMA_64BIT flag since the DMA constraints on arm64 also include bus constraints. This will be fixed in a future diff. (files missed in the previous commit)
3fe33483 2026-05-19 16:18:04 sync
ddd72ab0 2026-05-19 13:12:45 Floating panes full redraw code, by Michael Grant.
01ba3426 2026-05-19 13:05:47 Implement bounce buffers for arm64. Almost identical to the riscv64 version, but for now this strips the BUS_DMA_64BIT flag since the DMA constraints on arm64 also include bus constraints. This will be fixed in a future diff.
9fe9a68c 2026-05-19 12:55:40 Fix capa test since add-path send best max 3 is no longer valid.
c787a87f 2026-05-19 12:23:56 regen
30c514b4 2026-05-19 12:23:41 Improve add-path send parser. Error out if max is used with best. Unify error messages. OK tb@
194cc25f 2026-05-19 12:23:13 add a Navi 33 id 7481 rev c7 is used in the Steam Machine found in libdrm amdgpu.ids
9c4974fc 2026-05-19 12:16:25 Some more easy floating panes bits.
ad981a67 2026-05-19 11:39:08 Another 'to long' that is too short. OK tb@
8b5b5e7b 2026-05-19 11:25:57 Adjust handling of limits in up_generate_addpath() The maxpaths limit is straightforward but the handling of plus is more subtle. If plus == 0 then no extra paths should be added. So the default is to not include any extra paths (unless add-path send all is used). If plus is set and mmaxpaths is 0 add up to plus additional paths. If plus and max are used together the first limit reached will break the loop. OK tb@
04f92393 2026-05-19 10:44:42 remove '#undef _' added for Windows CE ok jsing@ tb@
b4a3c836 2026-05-19 10:36:02 Make qwx(4) send the PMF good-bye deauth frame when hopping out of RUN state. In addition to sending the PMF good-bye deauth frame from qwx_stop() we must also send it when leaving RUN state for other reasons. Provided we are still running with IFF_RUNNING since otherwise qwx_stop() has already sent the deauth frame. And provided the AP did not just send a deauth frame to us, which also covers the background-scan/roaming case where a deauth frame is sent via ieee80211_node_tx_stopped() and net80211 is faking our old AP's deauth event.
fed307ce 2026-05-19 10:26:03 More (currently disabled) bits for creating floating panes, from Michael Grant and Dane Jensen.
ba7ac8c7 2026-05-19 10:10:03 Only send the PMF good-bye deauth frame if the WPA handshake has succeeded. If the RSN port is not marked valid then we have never exchanged keys with our access point and sending a correctly encrypted deauth frame is impossible.
d2f03c44 2026-05-19 10:06:35 Ensure no new tasks get scheduled while IFF_RUNNING is set in qwx_stop(). This should prevent a crash I've seen happen once where the newstate task was scheduled after an incoming auth response frame while userland was in qwx_stop() (i.e. ifconfig qwx0 down). The newstate task then crashed because qwx_stop() had already begun to tear down driver state. Fix interlock between the (badly named) CRASH_FLUSH flag which prevents new tasks, and IFF_RUNNING which indicates whether the device is ready. qwx_stop() now clears IFF_RUNNING before the CRASH_FLUSH flag is cleared. There was a small window in qwx_stop() where IFF_RUNNING was still set while CRASH_FLUSH was clear again. To make this work with PMF we need to send our good-bye deauth frame earlier since sending management frames requires IFF_RUNNING to be set.
ef65d4e9 2026-05-19 09:48:14 More bits for pane Z index tracking from floating panes, mostly by Michael Grant.
901b347b 2026-05-19 09:29:08 sys/qwz: implement regulatory domain for 2.4GHz and 5GHz without regulatory domain support it uses world, and some channels not available from firmware point of view when AP can actually use it. OK: mglocker@
b95e02f6 2026-05-19 09:23:36 libcrypto/ui: mechanically rename the union _ into u While mainstream OS use compilers that understand anonymous unions, which would be cleaner here, some special snowflakes rely on LibreSSL in their stacks and they sometimes use very old and special compilers. There is no need to impose a burden on them. There is far more impactful and important cleanup that could be done in the ui pit. This obviates jsg's upcoming removal of a windows-ce workaround. discussed with jsing
e65d7212 2026-05-19 09:17:44 libcrypto/ui: move ui_string_st to ui_lib.c. It's only used there.
5aa5248c 2026-05-19 09:00:11 Prefer ic_bss over the ephemeral node in the scan tree, if possible. From mglocker@ via qwz(4)
3ebe00ef 2026-05-19 08:57:27 Add missing dma syncs after copying firmware images to DMA buffers. From mglocker@ via qwz(4).
093a32d2 2026-05-19 08:55:46 The firmware listen_intval is in units of beacons, not TU. Set it properly. From mglocker@ via qwz(4).
5f55f2ba 2026-05-19 08:53:41 Add peer to qwx(4) firmware after starting the vdev, not before. From mglocker@ via qwz(4) On ath12k this fixed a firmware crash by avoiding the peer getting created with a half-initialized vdev. The fix does not hurt on ath11k so apply it to qwx(4) as well.
8d24b512 2026-05-19 08:21:11 In lsa_check() handling of LSA_TYPE_INTER_A_PREFIX fix len calculation for the lsa_get_prefix() call. Reported by Stuart Thomas OK tb@ deraadt@