| Commit message (Collapse) | Author | Files | Lines |
|---|
|
change the behavior on the system whose x2apic is disabled by BIOS.
ok sf
|
|
|
|
ok dtucker
|
|
|
|
with 'cvs up'. Prompted by a question by patrick keshishian, diff
by Raf Czlonka.
ok phessler, jca; mild opposition from schwarze
|
|
more fat and avoid introducing unnecessary variables.
with & ok tj, ok deraadt, prodded by robert
|
|
The only place where this could potentially get used was the
strftime(3) for fprintf(3) "job %s at %s\n" to stderr. We don't
want base system utilities to talk to users in foreign languages.
No functional change on OpenBSD which doesn't provide any non-standard
LC_TIME locale anyway.
Patch from Jan Stary <hans at stare dot cz>.
In main(), exit -> return while here.
OK millert@
|
|
|
|
|
|
|
|
been the default for ages, and I see no valid reason to be able to
disable it. ok natano@
|
|
instead of hardcoding it. With this we can change the error type to
something else and get a more accurate description of what happened.
ok reyk@
|
|
return the error code and the return value to signal if the validation
was successful or not. With this we can signal some errors in the spec
that uses the value 0 (zero).
ok reyk@
|
|
|
|
intead of using errno as an implicit argument
ok reyk@
|
|
raise the mtu to 9380 bytes so we can take advantage of the extra space.
i need to revisit the macro names at some point.
|
|
my early revision board doesnt like it at all
|
|
so c++ programs can use them.
OK jca@
|
|
|
|
This enables the installer to verify local set files even if the
prefetch area would not fit on the local disk.
OK krw@ on a similar diff
Idea from and OK naddy@
Feedback and OK tb@
|
|
|
|
the position to go past snapend truncate. Found with afl.
|
|
is already a trunc label with the same printf in the function.
|
|
to fetch local sets without a SHA256.sig file in a directory
unreachable by the unprivileged users. The missing SHA256.sig
file caused an early exit from the for-loop where the _unpriv
variable is unset in case of local sets.
- Move the check of the set location (local/net) to the top
- Set the ftp command title based on the _srclocal variable
- Remove the now unnecessary second _unpriv=
OK naddy@
|
|
From sthen@
|
|
|
|
Brings us one step closer to having disabled by default vms is vm.conf(5),
which can be started with vmctl(8).
Input, testing and OK reyk@. Thanks.
|
|
Skip a network port if its PHY cannot be found.
Tested on Lanner MR-326B (has fdt) by pirofti@, and
on EdgeRouter Pro (has fdt) and on EdgeRouter Lite (no fdt) by me.
|
|
when the system board is unhandled.
|
|
Further improve vmm's security model by restricting pledged vmm
processes to only do VMM_IOC_ ioctls on their associated VM (these
ioctls are _RUN, _RESETCPU, _INTR, _READREGS, or _WRITEREGS at
present). The vmm monitor (parent) process or any non-pledged
processes can still do ioctls on any VM. For example, a VM can only
terminate itself but vmctl or the monitor can terminate any VM.
This prevents reachover into other VMs: while escaping from a VM to
the host side (eg. through a bug in virtio etc.) pledge already kept
the attacker in a pledged and privsep'ed process, but now it also
prevents vmm ioctls on "other VMs".
OK mlarkin@
|
|
processes to only do VMM_IOC_ ioctls on their associated VM (these
ioctls are _RUN, _RESETCPU, _INTR, _READREGS, or _WRITEREGS at
present). The vmm monitor (parent) process or any non-pledged
processes can still do ioctls on any VM. For example, a VM can only
terminate itself but vmctl or the monitor can terminate any VM.
This prevents reachover into other VMs: while escaping from a VM to
the host side (eg. through a bug in virtio etc.) pledge already kept
the attacker in a pledged and privsep'ed process, but now it also
prevents vmm ioctls on "other VMs".
OK mlarkin@
|
|
smi.c r1.20.
ok cc(1)
|
|
- cleanup SHA256 and SHA256.sig before download
- move assignment of _cfile and _srclocal to the top
In a later step, this allows verification of local sets without the
need of a prefetch area which is not used in this case anyway.
Idea from and OK naddy@
OK krw@
|
|
|
|
quickly. In both cases it does not make sense to set hints on them.
So remove that option, which is just a remainder of old times when
malloc used to hold on to pages. ok stefan@
|
|
a pointer to a mbuf pointer, because it only uses the mbuf for reading.
ok reyk@
|
|
all others that we can find in switch(4).
ok reyk@
|
|
already does exactly what it wants to do.
ok reyk@
|
|
add missing action_set_queue struct.
ok reyk@
|
|
size of a header to avoid an integer underflow.
Found with afl.
|
|
As in pfsync_print_clr() use vis(3) in print_state(). This was also
found with afl though with a different input.
|
|
modelled on the upstream version.
|
|
now it asks the mbuf layer for the 9k from its pools.
a question from chris@ made me go look at the chip doco again and i
realised that the chip only requires 4 byte alignment for rx buffers,
no 4k alignment for jumbo buffers.
i also found that the chip is supposed to be able to rx up to 9400
bytes instead of 9000. ill fix that later though.
|
|
The RTS threshold should be good enough and applies to all modes.
A similar change was made in iwm(4) not long ago.
tested by myself and benno@
|
|
ok jca@, reyk@
|
|
function.
ok reyk@
|
|
might want to use it. For buffered packets we probably need to save that
somehow else, but we don't support it now.
ok reyk@
|
|
and avoid problems.
ok jca@
|
|
(problem pointed out by Petr, fix proposed by Dilli) _at_ oracle
|
|
Triggered by an incorrect patch from Jan Stary.
Feedback and OK jmc@, OK millert@.
|
yasuoka
tb
schwarze
jasper
otto
rzalamena
bcook
guenther
dlg
phessler
rpe
jsg
danj
reyk
edd
visa
natano
mikeb
stsp
sashan