| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
loop. Use an additional poll(2) during the handshake and also
respect the -w timeout option there.
From Shuo Chen; OK beck@
|
|
include "pcex.h" here.
|
|
it in ipsec_common_input_cb() instead. The code that was copied
to ah6_input_cb() is now in ip6_ours() so we can call it directly.
OK mpi@
|
|
armv7 we inherited the mechanism to manually modify the kernel symbol
table to change the value of esym. We don't use this, but instead use
the virtual address that is passed to the kernel. This change makes us
only work on and hand out physical addresses. Bump the efiboot version
to make this ABI change more visible.
|
|
to make sure to pass the current mapkey to prove EFI that we know the
current memory map and its constraints. Otherwise EFI can choose to
only partially exit until we pass the correct key. As we already use
the memory map to allocate memory for the kernel, split the previous
function into one simply retrieving the table and another one who uses
the map to allocate memory. At some point it would be nice to actually
pass the table to the kernel since its data is more reliable than the
FDT only. While there, sync a bit of style with the amd64 version.
|
|
|
|
is not actually helping us much and just adds complexity, so don't
bother.
|
|
|
|
|
|
basically use htolem64 to set the address and htolem32 for the
length, not the other way round. lucky this is mostly run on x86.
found by Jon Kloske
|
|
all pools set their ipls unconditionally now, so there isn't a need
to second guess them.
pointed out by and ok jmatthew@
|
|
leaving out the size, so that
ELFNAME2(exec,makecmds)
becomes
exec_elf_makecmds
instead of
exec_elf{32,64}_makecmds
and then delete the ELFNAME2() and ELFNAMEEND() macros.
Move the prototypes for functions local to exec_elf.c to there from
exec_elf.h.
Simplify the SMALL_KERNEL conditionals around the ELF coredump code.
Change exec_conf.c to use the size-generic names and macros
Remove exec_elf{32,64}.c and just build exec_elf.c; delete the
_KERN_DO_ELF and _KERN_DO_ELF64 #defines.
ok jca@, encouragement from deraadt@ and tom@
|
|
and not something we guarantee to userspace
ok jca@
|
|
from all but one call
ok jca@
|
|
ok jca@
|
|
of ELFDEFNNAME(NO_ADDR)
ok jca@
|
|
ok jca@
|
|
Reported by Ryan, pulse.purge at gmail.com
|
|
ok krw@
|
|
ok krw@
|
|
ok mpi@ henning@ sashan@
|
|
we need to make sure to clean the data and invalidate the instruction
cache upon entering a page with pmap_enter(). Since it is possible
that pmap_enter() does not directly enter the page, we need to do the
same dance in the pmap fault fixup code. Every new writeable mapping
or write removes a page's flag to mark it unflushed. The next time
pmap_enter() is called or a fault happens on that VA, it has to be
flushed and invalidated again. This was heavily discussed with Dale
Rahn.
On the Pine64 and Raspberry Pi 3 we have been very lucky to not run
into any cache issues, especially with the instruction cache. The
AMD Seattle seems to be a different kind of beast where we actually
have to care about these things. This finally brings the machine
into userland.
|
|
RhostsRSAAuthentication from regression test sshd_config.
|
|
ok dlg@ a while ago
some input from jca@ who wrote the same diff
|
|
asynchronous callbacks. Make the IPsec functions void, there is
already a counter in the error path.
OK mpi@
|
|
pagetables as well. Also replace the number for write-back with a proper
define.
|
|
true. Instead, unless overwritten by the device tree, we should ask the
generic timer for its frequency. This fixes time on my AMD Seattle and
should improve time management on QEMU as well.
|
|
|
|
these currently to 255. Thus making it impossible to use higher IRQs
than that. The AMD Seattle SoC though seems to provide 448 IRQs, which
is kind of out of bounds, so raise them to the proper values. This
makes interrupts work on that machine.
|
|
actually want.
|
|
failed. Add a counter for that case.
OK dhill@
|
|
|
|
|
|
by pre-allocating two cryptodesc objects and storing them in an array
instead of a linked list. If more than two cryptodesc objects are
required use mallocarray to fetch them. Adapt the drivers to the new
API.
This change results in one pool-get per ESP packet instead of three.
It also simplifies softraid crypto where more cryptodesc objects are
allocated than used.
From, with and ok markus@, ok bluhm@
"looks sane" mpi@
|
|
extra scroll of the entire terminal; issuing DECSTBM first prevents
this. Do that for now.
|
|
|
|
provided error code matches the error that is currently on the top of the
error stack.
|
|
Found by Hrvoje Popovski.
|
|
|
|
useful to propagate the error. When an error occurs in an asynchronous
network path, incrementing a counter is the right thing. There are
four places where an error is not accounted, just add a comment for
now.
OK mpi@ visa@
|
|
ok mpi@
|
|
not reset colours when in SGR 0), so we can't use it without more
trouble than it is worth. Abandon the idea for now.
|
|
|
|
|
|
|
|
Make sure that the beginning of a new request starts with an
alphabetic character. This is a quick way to detect non-ASCII
requests (eg. TLS on port 80). The full validation of the request
method is done once the input line is read.
Make sure that non-terminated lines do not exceed the
SERVER_MAXHEADERLENGTH which is 8k. As the current read watermark is
set to 64k, this means that the limit check is triggered after max.
64k of input, depending on the TCP read buffer.
OK benno@ jsing@
|
|
|
|
|
