in C source file to define option features.
Define proper options in each Makefile per ${MACHINE_ARCH} variable instead.
Previously if a host is x86 and it has /usr/mdec/mbr file in its system,
tools fdisk implicitly installs it as mbr bootcode even for !x86 targets.
- CR4_VMXE: VMX operations, used for hardware virtualization.
- CR4_SMXE: SMX operations, used for safer Mode Extensions (ground for
Intel's TXT - Trusted Execution Technology - platform).
- CR4_FSGSBASE: enable *FSBASE and *GSBASE instructions, for R/W access
to FS/GS segment base addresses.
- CR4_PCIDE: enable Process Context IDentifiers (other architectures may call
these "address space identifiers").
- CR4_OSXSAVE: enable xsave and xrestore instructions
- CR4_SMEP: Supervisor Mode Execution Prevention. Allows enforcing --x rights
from cpl 0.
From Intel® 64 and IA-32 Architectures Software Developer’s Manual,
March 2012.
Align declarations.
CPUID_* bits for these features follow.
- religious holidays taken from Wikipedia where available
- floating days (i.e. X day of Y month) taken from cal(1)
- NetBSD releases taken from http://www.netbsd.org/releases/formal.html#history
- hopefully somebody will update this for the 6.0 release
Hopefully, these days will be correct for the first year of NetBSD 6.0.
as shell script fragments, add example to the route.conf man page of
evaluating variables.
Remove route.conf man page statement that staticroute is enabled in
rc.conf since that's incorrect.
Wrap the staticroute while in parens, per <apb> & <christos>, and
quote all the arguments for the evals.
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening
* ssh-add(1): new -k option to load plain keys (skipping certificates)
* sshd(8): Add wildcard support to PermitOpen, allowing things like
"PermitOpen localhost:*". bz #1857
* ssh(1): support for cancelling local and remote port forwards via the
multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host"
to request the cancellation of the specified forwardings
* support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before
using it to extract xauth data so that it can't be used to play local
shell metacharacter games.
* ssh(1): unbreak remote portforwarding with dynamic allocated listen ports
* scp(1): uppress adding '--' to remote commandlines when the first
argument does not start with '-'. saves breakage on some
difficult-to-upgrade embedded/router platforms
* ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class,
but there is an "AF21" class
* ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during
rekeying
* ssh(1): skip attempting to create ~/.ssh when -F is passed
* sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943
* sshd(1): send tty break to pty master instead of (probably already
closed) slave side; bz#1859
* sftp(1): silence error spam for "ls */foo" in directory with files;
bz#1683
* Fixed a number of memory and file descriptor leaks
all we decided to adopt the Linux API, therefore there is rationale
to stick to it.
No standard tells us what to do, and our extended attribute API has not
been used in a release, therefore we do not break anything, and we get
more easily compatible with programs using the Linux extended attribute
API.
Note that FreeBSD and MacOS X return ENOATTR. FreeBSD has its own API
and MacOS X has a Linux-like API. How did the world get so complicated?
- Remove copy-pasting in error paths, use execve_free_{vmspace,data}().
- Move some code (both in the init and exit paths) out of the locks.
- Slightly simplify do_posix_spawn() callers.
- Add few asserts and comments.
