===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/74.html,v
retrieving revision 1.79
retrieving revision 1.80
diff -c -r1.79 -r1.80
*** www/74.html 2023/10/14 19:53:05 1.79
--- www/74.html 2023/10/14 21:13:43 1.80
***************
*** 116,122 ****
On arm64, use the deep idle state available on Apple M1/M2 cores
in the idle loop and for suspend, resulting in power savings.
--- 116,122 ----
On arm64, use the deep idle state available on Apple M1/M2 cores
in the idle loop and for suspend, resulting in power savings.
***************
*** 498,504 ****
the RGMII interface before taking the PHY out of reset.
Improve dwqe(4) and
determine PHY mode and pass the appropriate flags down to the PHY when
! we attach it.
Report in dmesg(8) on
which gmac the dwqe(4)
driver is attaching to.
--- 498,504 ----
the RGMII interface before taking the PHY out of reset.
Improve dwqe(4) and
determine PHY mode and pass the appropriate flags down to the PHY when
! attaching.
Report in dmesg(8) on
which gmac the dwqe(4)
driver is attaching to.
***************
*** 594,618 ****
Security improvements:
! - We enabled support for branch target identification (BTI) in both
the kernel and userland. On hardware that supports this feautre, it
helps enforcing control flow integrety by making sure malicious code
cannot jump into the middle of a function.
!
- We enabled support for pointer authentication (PAC) in userland. On
hardware that supports this feature it helps enforcing control flow
integrety by making sure malicious code cannot manipulate a
function's return address.
!
- On the amd64 architecture, we enabled support for indirect
branch tracking (IBT) in both the kernel and userland. On hardware
that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
!
- On the arm64 architecture, we enabled support for branch target
identification (BTI) in both the kernel and userland. On hardware
that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
!
- On the arm64 architecture, we enabled support for pointer
authentication (PAC) in userland. On hardware that supports this
feature it helps enforcing control flow integrety by making sure
malicious code cannot manipulate a function's return address.
--- 594,618 ----
- Security improvements:
! - Enabled support for branch target identification (BTI) in both
the kernel and userland. On hardware that supports this feautre, it
helps enforcing control flow integrety by making sure malicious code
cannot jump into the middle of a function.
!
- Enabled support for pointer authentication (PAC) in userland. On
hardware that supports this feature it helps enforcing control flow
integrety by making sure malicious code cannot manipulate a
function's return address.
!
- On the amd64 architecture, enabled support for indirect
branch tracking (IBT) in both the kernel and userland. On hardware
that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
!
- On the arm64 architecture, enabled support for branch target
identification (BTI) in both the kernel and userland. On hardware
that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
!
- On the arm64 architecture, enabled support for pointer
authentication (PAC) in userland. On hardware that supports this
feature it helps enforcing control flow integrety by making sure
malicious code cannot manipulate a function's return address.
***************
*** 909,916 ****
remove artificial limit of 2 hours on a PIO lifetime.
- Make ypldap(8)
more resilient when some servers are
! misbehaving: keep trying LDAP servers until we get full results from
! one, rather than just until one accepts the TCP connection.
- New wgdescription parameter to
ifconfig(8)
--- 909,916 ----
remove artificial limit of 2 hours on a PIO lifetime.
- Make ypldap(8)
more resilient when some servers are
! misbehaving: keep trying LDAP servers until full results arrive
! rather than just until one accepts the TCP connection.
- New wgdescription parameter to
ifconfig(8)