The last expat update introduced whitespace between # and define, which
resulted in a bogus 'Version: ..' line in expat.pc. Teach the regex about
such whitespace. Unbreaks the build of graphics/rawtherapee.
ok matthieu
Overall design comes from deraadt@. The calculation method of DSO
address in traced process virtual address space was suggested by
kettenis@. Many others provided their feedback and ideas in earlier
versions of this change.
OK claudio@
GuC submission was disabled as it sometimes failed to initialise
on my Alder Lake machine (T14 Gen 3 Intel). This continues to happen
on some boots.
However, not using GuC submission results in warnings and graphical
glitches on Meteor Lake (T14 Gen 5 Intel). So instead of disabling
GuC submission for all platforms, disable it just for Alder Lake-P/N.
GFP_ATOMIC so pool_get() will be called with PR_NOWAIT
Avoids 'non-zero mutex count: 1' panic when GuC submission is enabled
on gen 12 (Alder Lake, Meteor Lake).
assertwaitok
pool_get
idr_alloc
ida_alloc_range
new_guc_id
assign_guc_id
pin_guc_id (takes submission_state.lock)
terminating a FUSE session.
The primary change is:
The Linux libfuse implementation of fuse_loop(3) terminates either when
the kernel sends FUSE_DESTROY or, if fuse_set_signal_handlers(3) has
been called, when it catches one of SIGINT, SIGHUP, or SIGTERM.
The OpenBSD implementation behaves similarly when the file system is
unmounted with umount(8). However, it tries to unmount the file system
automatically when one of the above signals is caught. It should
instead just terminate and rely on fuse_unmount(3) being called later by
the FUSE file system daemon as part of its termination.
Additional changes:
- The FUSE file system daemon's destroy handler is the last operation
called after the file system is unmounted. Before, it was incorrectly
being called when FBT_DESTROY is received by fuse_loop(3). The destroy
handler is now called in fuse_destroy(3).
- The file system is no longer unmounted when the device is closed.
fuse_unmount(3) now closes the FUSE device before unmount(2) is called to
prevent deadlocks due to the kernel trying to send FBT_DESTROY when
fuse_loop(3) is no longer active and there listening for messages from
the kernel.
The side effect of this change is that if a FUSE file system daemon
crashes, the FUSE device is automatically closed but the file system is not
unmounted. It must be unmounted manually with umount(8).
- Man page updates to reflect this change and correct a few other minor
errors.
OK claudio@
Call x509_init_oid() from serialize_ccr_content(). Create the signedobj_oid
and ccr_oid with OBJ_dup(). This way we don't need the NID to be built into
libcrypto and can prolong OpenSSL 1.1 support a little.
ok job
We don't suport multiprocessor with SEV-ES, yet. We lack per-cpu GHCBs
and custom cpu startup functions. Until then, prevent the application
processors from attaching, to avoid delays or hangs during boot.
ok mlarkin@
to a source address range. Previously this was logged at level
VERBOSE, which hid enforcement actions under default config
settings.
ok dtucker, markus
When a regular HTTP transfer with content-length is finished check that
the buffer is actually empty. It seems some proxies violate this and
then rpki-client runs into an assert in http_done(). Instead fail the
transfer and let the state machine figure out how to fall back.
Reported by and OK job@
At least in theory we could still have dirty user windows that haven't been
written out yet when we call uvm_purge() which would result in a page fault
if we have removed the mappings for the stack from the pmap.
ok deraadt@, claudio@
If the lifetime is more than 10 days renew if less than 1/3 of the
lifetime is left. Otherwise renew after 1/2 of the remaining lifetime.
Since we suggest to run the cronjob daily, this is capped at 3 days
remaining lifetime to have the opportunity to run the cronjob at least
twice.
Input & OK tb, sthen
Putting it in now because it gives buypass users 60 days of warnings
instead of 30 that their certificate can't be renewed (pointed out by
sthen).
This prevents routing loops in case only parts of the delegated prefix
are configured on interfaces.
Pointed out by phessler some time ago.
Fix a double whitespace while here; pointed out by tb
OK tb
There is no need to constantly ask the kernel for the interface name,
it is not going to change.
We pass the interface name from the frontend to the engine because
it is a fixed length string that is only used to find the
configuration for the interface and debugging output.
We do *not* pass the name to the main process because that would allow
the frontend to create arbitrary files inside of /var/db/dhcpleased/,
send arbitrary data to the SIOCAIFADDR et. al. ioctls, and mess with
the bpf socket.
OK tb
allocated them. However, memory allocation in sr_hibernate_io() is
pretty difficult. So we are going to try to do it as a static struct
in bss.
ok mlarkin kettenis
