| Age | Commit message (Collapse) | Author |
|---|
|
advince from sthen@
|
|
is passed to the IOMMU device driver.
ok patrick@
|
|
this already on previous chips, which only started giving us packets when
handing over at least 128 of them. Apparently some now require 256, which
seems to get the Apple M1's WiFi going.
|
|
ok patrick@
|
|
OK phessler
|
|
this avoids unecessary writes to memory. it helps a little bit with
a single nettq, but we get a lot more of a boost in pps when running
concurrently.
thanks to hrvoje for testing.
|
|
|
|
check before using variable in list
remove unnecessary variable declaration
check value of adjustname()
add a '< 0' return value of snprintf
|
|
|
|
with popular fuzzing drivers like libfuzzer. AFAIK nobody has used
it but me.
|
|
ok florian@
|
|
|
|
if the bridge is supposed to carry vlan packets, assuming it's an
s-vlan component and should allow certain group addresses to cross
between "customer" bridges.
i should probably let some of these groups fall back through to the
calling ether_input rather than drop them.
|
|
|
|
|
|
testing has shown up to a 30% improvement in the veb forwarding
rate with this change.
an earlier diff was tested by hrvoje popovski
tested on amd64 and sparc64
|
|
check value of adjustname()
use int for return value of snprintf
|
|
the main bits are ether_addr_to_e64 and ether_e64_to addr for loading
an ethernet address into a uin64_t and visa versa. there's also
some macros for testing if an address in a uint64_t is multicast,
broadcast, anyaddr, or if it's an 802.1q reserved multicast group
address.
the reason for this functionality is once you have an ethernet
address as a uint64_t, operations like compares, bit tests, and
so on are fast and easy.
tested on amd64 and sparc64
|
|
|
|
used in the wifi firmware to ensure responses can be received.
|
|
|
|
ok dlg
|
|
initialized.
|
|
to load the CLM blob like the SDIO backend already does. Additionally it
is also helpful for the PCIe backend to try a file named after the device
tree compatible. Thus refactor the SDIO code and make it available for
both SDIO and PCIe.
|
|
|
|
While the for-loop checks that thie value has changed since we wrote to
it, the timeout-condition checked for non-zero, which is wrong. This
means that we didn't realize the firmware wasn't started. While there,
make sure the shared DRAM address is inside the chip's address space.
|
|
the same time.
|
|
on the rx/tx complete rings has increased slightly to accomodate possible
new features.
|
|
so that we can provide IOMMU-hooked bus DMA tags for each PCI device.
ok kettenis@
|
|
mention that shell wildcards may be used.
|
|
|
|
|
|
ok patrick@
|
|
|
|
Reported by bentley@; ok bentley@ jca@
|
|
ok markus@
|
|
|
|
To integrate the new X.509 verifier, X509_verify_cert() was refactored.
The code building chains in the legacy verifier was split into a
separate function. The first bug is that its return value was treated
as a Boolean although it wasn't. Second, the return alone is not enough
to decide whether to carry on the validation or not.
Slightly rearrange things to restore the behavior of the legacy verifier
prior to this refactoring.
Issue found and test case provided by Anton Borowka and jan.
ok jan jsing
|
|
|
|
DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.
Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).
ok tb@
|
|
ok tb@
|
|
In x509_verify_ctx_set_xsc_chain(), an ENOMEM case is currently passing
the last certificate and depth (which is no longer actually depth) to
x509_verify_cert_error(). Given we've hit an ENOMEM situation, neither
of these are useful so remove both.
ok tb@
|
|
write 8 bytes at the time by using a uint64_t pointer. For an
allocation a max of 4 such uint64_t's are written spread over the
allocation. For pages sized and larger, the first page is junked in
such a way.
- Delayed free of a small chunk checks the corresponiding way.
- Pages ending up in the cache are validated upon unmapping or re-use.
In snaps for a while
|
|
a monster.
okay sthen@
|
|
This also fixes two NULL ptr derefs in later code path.
OK patick@, krw@
|
|
|
|
the first cut of this diff was made with coccinelle using this spatch:
@rule@
type caddr_t;
expression m, off, len, cp;
@@
-m_copydata(m, off, len, (caddr_t)cp)
+m_copydata(m, off, len, cp)
i had fix it's opinionated idea of formatting by hand though, so
i'm not sure it was worth it.
ok deraadt@ bluhm@
|
|
i'm not a fan of having to cast to caddr_t when we have modern
inventions like void *s we can take advantage of.
ok claudio@ mvs@ bluhm@
|
|
apart from the semantic differences between bridge(4) and veb(4),
the only missing bits in veb(4) is the transparent ipsec interception
support, and spanning tree.
|
|
OK deraadt
|
