There's no need to pass in the hrr parameter as it is redundant with
the tls13.hrr flag. This avoids boolean blindness in the caller and
removes a leftover from before we had tls13.hrr.
ok jsing kenjiro
Socket splicing was running on one dedicated kernel thread. This
design comes from the time when softnet was still a soft interrupt.
Now with multiple softnet threads, retire the sosplice thread.
Instead call sotask() from a softnet task queue. Thus it can run
in parallel.
Keep the same softnet to take a bunch of packets from the network
driver, do input processing, and store data in socket buffers. Then
the same thread runs the splicing task, calls somove() and does
output processing. There is no concurrent locking or scheduling,
ideally packets stay on the same CPU. For that sosplice() remembers
the task queue that matches the flowid of the source socket.
OK mvs@
`icmp6errppslim' is the last one of locked `icmpv6ctl_vars'. It is the
integer loaded once within icmp6_ratelimit() which called from two
paths. The first one is icmp6_do_error() which always called in the endo
of error path. The second one is icmp6_redirect_output() where the usage
is similar to already unlocked `ip6_forwarding', except that
icmp6_ratelimit() called only once. So we don't need to cache
`icmp6errppslim' anywhere.
Since icmp6_sysctl() became mp-safe, unlock it too.
ok bluhm.
This is needed by Python 3.14, extending the urllib3 nonsense further.
This is a trivial getter and it is exercised by the libssl unit test
I added for urllib3 (which can now use dynamic linking for libcrypto).
Fixes https://github.com/libressl/portable/issues/1202
Thanks to @orbea for the report.
ok kenjiro
PS: X509_VERIFY_PARAM_get_flags() and X509_VERIFY_PARAM_get_peername()
aren't const correct. Fixing this will require some doing...
This allows a const correct SSL_SESSION_dup() implementation at the cost
of casting away const due to the const incorrect CRYPTO_dup_ex_data()...
(I should look into fixing that, but things like rust-openssl make that
hard at this point in the release cycle.)
ok kenjiro (as part of a larger diff)
From Alex Deucher
90653d924b6bed7455fa2db73065398291647220 in linux-6.12.y/6.12.55
e8529dbc75cab56fc3c57830d0fd48cbd8911e6c in mainline linux
drm/amdgpu: fix SPDX header on cyan_skillfish_reg_init.c
From Alex Deucher on amd-gfx mailing list
intended help message instead.
Passing a char variable (maxpart) to a '%s' format makes
fprintf() unhappy. Use the actual string (partitionnames)
instead.
Nuke maxpart and set partitionnames depending on
MAXPARTITIONS.
ok deraadt@
