| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
report id, there's no point in trying to find a matching sub device.
ok mglocker@
|
|
|
|
|
|
|
|
| |
to guarantee that we read the cache parameters of the cache we just selected.
The required ISB instruction is present in the examples in the ARM ARM.
Fixes the the report on the cores in Apple's M1 SoC.
ok patrick@
|
|
|
|
|
|
|
|
| |
could get stuck in an endless recursion during TCP path MTU discovery.
Create a dynamic host route in ip_output() that can be used by
tcp_mtudisc() to store the MTU.
Reported by Peter Mueller and Sebastian Sturm
OK claudio@
|
|
|
|
|
|
|
|
|
|
|
|
| |
the kernel made the unique check before trunkating with strlcpy().
So there could be two interface groups with the same name. The kif
is created by a name lookup. The trunkated names are equal, so
there was only one kif owned by both groups. When the groups got
destroyed, the single kif was removed twice from the RB tree.
Check length of group name before doing the unique check.
The empty group name was allowed and is now invalid.
Reported-by: syzbot+f47e8296ebd559f9bbff@syzkaller.appspotmail.com
OK deraadt@ gnezdo@ anton@ mvs@ claudio@
|
|
|
|
|
|
|
|
|
|
| |
pppac_ioctl() be called on dying pppac(4) interface. But now if_detach()
makes dying `ifp' inaccessible and waits for references which are in-use
in ioctl(2) path. This logic is not required anymore. Also if_detach()
was moved before klist_invalidate() to prevent the case while
pppac_qstart() bump `sc_rsel'.
ok yasuoka@
|
|
|
|
|
|
|
|
| |
used as solock()'s backend to protect the whole layer.
With feedback from mpi@.
ok bluhm@ claudio@
|
|
|
|
|
|
| |
for framebuffer nodes under / and /chosen.
ok patrick@
|
|
|
|
|
|
|
|
|
| |
since the actual modification of the state table is done by a call to
pf_state_insert(), which takes the pf state lock itself. Other calls
to pfsync_state_import() also only have the pf lock.
Reported-by: syzbot+d6ea8620b43dc69ecbc6@syzkaller.appspotmail.com
ok bluhm@
|
|
|
|
| |
ok visa
|
|
|
|
|
| |
Silence from the network group
ok sashan@
|
|
|
|
|
|
|
|
| |
should ensure that we don't read a stale command ID and complete the
wrong scsi io. powerpc64 base builds were crashing like this fairly
regularly.
ok deraadt@ dlg@
|
| |
|
|
|
|
| |
OK bluhm@, claudio@, deraadt@
|
|
|
|
|
|
|
| |
a new object that is already refcounted, so carp attach does not
reach into internal structures. Add kasserts to detect counter
overflow or underflow.
OK mvs@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RAID1C discipline encrypts data like the CRYPTO discipline, and accepts
multiple chunks during creation and assembly like the RAID1 discipline.
To deal with failing disks a RAID1C volume may be assembled with a smaller
number of chunks than the volume was created with. The volume will then come
up in degraded state. If the volume is now detached and assembled again with
the correct number of chunks, any re-added chunks will require a rebuild.
Consequently, assembling RAID1C volumes requires careful attention to the
chunks passed via 'bioctl -l'. If a chunk is accidentally omitted from the
command line during volume assembly, then this chunk will need to be rebuilt.
At least one known-good chunk is required in order to assemble the volume.
Like CRYPTO, RAID1C supports passphrase and key-disk authentication.
Key-disk based volumes are assembled automatically if the key disk is present
while the system is booting up.
Unlike CRYPTO and RAID1, there is no boot support for RAID1C yet.
RAID1C largely reuses existing code of RAID1 and CRYPTO disciplines.
At present RAID1C's discipline-specific data structure is shared with that
of the CRYPTO discipline to allow re-use of existing CRYPTO code. A custom
RAID1C data structure would require CRYPTO code to access struct sr_crypto
via a pointer instead of via a member field of struct sr_discipline.
ok jsing@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RAID1C discipline encrypts data like the CRYPTO discipline, and accepts
multiple chunks during creation and assembly like the RAID1 discipline.
To deal with failing disks a RAID1C volume may be assembled with a smaller
number of chunks than the volume was created with. The volume will then come
up in degraded state. If the volume is now detached and assembled again with
the correct number of chunks, any re-added chunks will require a rebuild.
Consequently, assembling RAID1C volumes requires careful attention to the
chunks passed via 'bioctl -l'. If a chunk is accidentally omitted from the
command line during volume assembly, then this chunk will need to be rebuilt.
At least one known-good chunk is required in order to assemble the volume.
Like CRYPTO, RAID1C supports passphrase and key-disk authentication.
Key-disk based volumes are assembled automatically if the key disk is present
while the system is booting up.
Unlike CRYPTO and RAID1, there is no boot support for RAID1C yet.
RAID1C largely reuses existing code of RAID1 and CRYPTO disciplines.
At present RAID1C's discipline-specific data structure is shared with that
of the CRYPTO discipline to allow re-use of existing CRYPTO code. A custom
RAID1C data structure would require CRYPTO code to access struct sr_crypto
via a pointer instead of via a member field of struct sr_discipline.
ok jsing@
|
|
|
|
|
| |
We did not reach a consensus about using SMR to unlock single_thread_set()
so there's no point in keeping this change.
|
|
|
|
|
|
|
| |
the initial falloc() calls and then regrab it for the fdinsert() or
fdremove() calls respectiviely. Also move closef() outside of the lock.
This replaces the previously reverted lock order change that was reverted.
OK mvs@ visa@
|
|
|
|
|
|
|
|
|
|
|
|
| |
the SCHED_LOCK().
Putting a thread on a sleep queue is reduce to the following:
sleep_setup();
/* check condition or release lock */
sleep_finish();
Previous version ok cheloha@, jmatthew@, ok claudio@
|
| |
|
|
|
|
|
|
|
|
| |
offloading. The checksum must be calculated in software. Use the
same condition in ether_resolve() to send the broadcast packet back
to the stack and in in_ifcap_cksum() to force software checksumming.
This fixes regress/sys/kern/sosplice/loop.
OK procter@
|
|
|
|
|
|
|
|
|
| |
This allows more control over the structure of the linked kernel image.
Now the ELF .openbsd.randomdata segment can be omitted from BOOT kernel.
The segment has caused trouble with broken firmware when the firmware
tries to load it on top of the actual kernel segment.
Discussed with and OK deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
descriptor (usually doesn't happen), that we continue to use an outdated
cdesc pointer which still refers to the previous cdesc. Instead update
the cdesc pointer to the new configuration descriptor.
Reported by Thomas Jeunet <cleptho AT gmail DOT com>
ok phessler@
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
&armv7_bs_tag with fdt_cons_bs_tag, which is our early console bus tag
for both arm64 and armv7. On armv7, it points to &armv7_bs_tag. With
this we can get rid of the armv7var.h include. Reduce a bit of diff to
imxuart(4).
ok kettenis@
|
|
|
|
| |
ok kettenis@
|
|
|
|
| |
provide a function for the I2C clock frequency, used by exiic(4).
|
|
|
|
| |
way" of attaching the console.
|
| |
|
|
|
|
| |
ok kettenis@
|
|
|
|
|
|
|
|
|
| |
exposing battery sensors for HID++ 2.0 devices. Most of the code is
derived from the hid-logitech-hidpp Linux driver.
Thanks to Ville Valkonen <weezeldinga at gmail dot com> for testing.
ok mglocker@
|
|
|
|
|
|
|
| |
handler for a specific report id. Needed by an upcoming driver in order
to communicate with the device already in the attach routine.
ok mglocker@ as part of a larger diff
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the system recognize and configure Netgear ProSecure UTM25.
Of the network ports, LAN1-4 and WAN1 are functional. WAN2 does not work
for some reason. Even though WAN1 has a separate link to the SoC, the
connection appears to go through the same switch that the LAN ports use.
At the moment, the system relies on U-Boot to set up the switch so that
the LAN and WAN segments stay separate.
Initial diff and input from Thaison Nguyen, thank you!
|
|
|
|
|
|
|
| |
can not simply be vrele()-ed on error. The code currently depends on
closef() to do the cleanup.
Reported-by: syzbot+b0e18235e96adf81883d@syzkaller.appspotmail.com
|
|
|
|
|
|
| |
the file descriptors early do it late. This way the fdplock is not held
during the VFS operations.
OK mvs@
|
|
|
|
| |
OK deraadt@, bluhm@
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code delivered in this change is currently disabled. Brave souls
may enable the code by adding -DWITH_PF_LOCK when building customized
kernel. Big thanks goes to Hrvoje@ for providing test equipment and
testing.
As soon as we enter the next release cycle, the WITH_PF_LOCK will be
defined as default option for MP kernels.
OK dlg@
|
|
|
|
|
|
|
|
| |
to allow setting and removing IPv4 addresses.
Needed for future iked(8) improvements.
Discussed with sthen@ and florian@
ok bluhm@ deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kernel uses a huge amount of processing time for sending ACKs to the sender
on the receiving interface. After receiving a data segment, we send out two
ACKs. The first one in tcp_input() direct after receiving. The second ACK is
send out, after the userland or the sosplice task read some data out of the
socket buffer. Thus, we save some processing time and improve network
performance.
Longer tested by sthen@
OK claudio@
|
|
|
|
|
|
|
|
|
|
| |
which finally makes umb(4) fail, since ugen(4) attaches to one of the
umb(4) interfaces, fails, and marks the whole device dying. Therefore
make usbd_device2interface_handle() backwards compatible again.
Problem reported by Mikolaj Kucharski.
ok edd@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
before this change pf_route operated on the semantic that pf runs
when packets go over an interface, so when pf_route changed which
interface the packet was on it would run pf_test again. this change
changes (restores) the semantic that pf is only supposed to run
when packets go in or out of the network stack, even if route-to
is responsibly for short circuiting past the network stack.
just to be clear, for normal packets (ie, those not touched by
route-to/reply-to/dup-to), there isn't a difference between running
pf when packets enter or leave the stack, or having pf run when a
packet goes over an interface.
the main reason for this change is that running the same packet
through pf multiple times creates confusion for the state table.
by default, pf states are floating, meaning that packets are matched
to states regardless of which interface they're going over. if a
packet leaving on em0 is rerouted out em1, both traversals will end
up using the same state, which at best will make the accounting
look weird, or at worst fail some checks in the state and get
dropped.
another reason for this commit is is to make handling of the changes
that route-to makes consistent with other changes that are made to
packet. eg, when nat is applied to a packet, we don't run pf_test
again with the new addresses.
the main caveat with this diff is you can't have one rule that
pushes a packet out a different interface, and then have a rule on
that second interface that NATs the packet. i'm not convinced this
ever worked reliably or was used much anyway, so we don't think
it's a big concern.
discussed with many, with special thanks to bluhm@, sashan@ and
sthen@ for weathering most of that pain.
ok claudio@ sashan@ jmatthew@
|
|
|
|
|
| |
via index is actually in the right rdomain for the socket.
OK bluhm@ mvs@
|
| |
|
|
|
|
|
|
|
| |
kernel make sure that the rdomain of that interface is the same as
the rdomain of the inpcb.
Problem spotted and fix tested by semarie@
OK bluhm@ mvs@
|
|
|
|
| |
OK bluhm@, claudio@, mpi@, semarie@
|
|
|
|
|
| |
needed for >= linux 5.9 dtbs on bbb
ok kettenis@
|
|
|
|
|
|
|
| |
short TCP segments or fragments encapsulated in ESP instead of
fragmented ESP packets. Pass the don't fragment flag down along
the stack so that dynamic routes with MTU are created eventually.
with and OK markus@; OK tobhe@
|